Log inGet started
Airwallex logo
Home
Online Payments
Treasury
Transactional FX
Payouts
Issuing
Scale
Open Banking
Developer Tools
API Reference
Home
Online Payments
Overview
Starting with paymentsAirwallex platform overviewOnline payments modelPricing model
Integration options
Pay by LinkHosted Payment PageEmbedded ElementsDrop-in ElementMobile SDKNative API
API VersioningPaymentCaptureCancellationRefundManagement of payment credentials
3D Secure authenticationError response codes
Plugins

Management of payment credentials

When you manage recurring transactions, Airwallex takes care of safely storing your buyer's payment credentials in our secure card vault on your behalf. For security reasons, you cannot retrieve the data in clear and you cannot store the data by yourself unless you have a PCI-DSS AOC.

Retrieve stored credentials

Whenever you need to manage your buyer's credentials or wish to propose the selection of a default one to improve a later checkout experience you can retrieve and list a token associated with each of the stored credentials.

Use GET /api/v1/pa/payment_methods?customer_id=your_customer_id you may also wish to include the type to indicate a specific payment method (i.e. wechatpay, card, etc.)

curl -X GET \
  https://pci-api.airwallex.com/api/v1/pa/payment_methods?status=VERIFIED?customer_id=cus_UrYZVNWkN6OSHb7dSIbQOR1Mdr7 \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer your_bearer_token' \
{
    "has_more": false,
    "items": [
        {
            "id": "mtd_WXM9QfJh0zWX7sQDSIYcbDwAhFd",
            "request_id": "4739b731-fb60-48d0-ab64-f90cd70271df",
            "customer_id": "cus_FEcD53g0XlkAiZ6RJToHltslQzO",
            "type": "card",
            "card": {
                "expiry_month": "01",
                "expiry_year": "2023",
                "name": "Adam",
                "bin": "401200",
                "last4": "1003",
                "brand": "visa",
                "issuer_country_code": "RU",
                "card_type": "credit",
                "fingerprint": "Viy7U4n4UoLAcY9MVrdVqDFdXt0=",
                "cvc_check": "unknown",
                "avs_check": "unknown"
            },
            "status": "VERIFIED",
            "created_at": "2020-06-28T09:18:28+0000",
            "updated_at": "2020-06-28T09:21:11+0000"
        }
    ]
}

Update saved card details

Over time, changes in the credentials of your buyer may occur (i.e. a payment card is renewed and the expiry date changes, etc.). You have the possibility to provide those changes to Airwallex and we will update your buyer's payment credentials accordingly.

NOTE: You will only be able to change the cardholder name, and expiry details. In case you wish to create a new set of payment credentials including a new card number a new token will be provided to you.

curl -X POST \
  https://pci-api.airwallex.com/api/v1/pa/payment_methods/mtd_2vnjeuHKPnUxHHBZy7ec4LPXfpe/update \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer your_bearer_token' \
  -d '{
    "request_id": "{{$guid}}",
    "card": {
      "expiry_month": "01",
      "expiry_year": "2024",  
      "name": "Violet"
    }
}'
{
    "id": "mtd_2vnjeuHKPnUxHHBZy7ec4LPXfpe",
    "request_id": "1deb1754-0e4d-44f5-8f8a-50634d875753",
    "customer_id": "cus_FEcD53g0XlkAiZ6RJToHltslQzO",
    "type": "card",
    "card": {
        "expiry_month": "12",
        "expiry_year": "2024",
        "name": "Violet",
        "bin": "401200",
        "last4": "1003",
        "brand": "visa",
        "issuer_country_code": "RU",
        "card_type": "credit",
        "fingerprint": "Viy7U4n4UoLAcY9MVrdVqDFdXt0=",
        "cvc_check": "unknown",
        "avs_check": "unknown"
    },
    "status": "VERIFIED",
    "created_at": "2020-06-28T09:18:28+0000",
    "updated_at": "2020-06-28T09:55:04+0000"
}

Delete stored credentials

In case you wish to delete the payment credentials stored in our platform use the endpoint POST /api/v1/pa/payment_methods/{id}/disable to make them not usable anymore.

Those credentials cannot be used to create any new Payment Intent. Existing Payment Intents stay unmodified.

curl -X POST \
  https://pci-api.airwallex.com/api/v1/pa/payment_methods/mtd_2vnjeuHKPnUxHHBZy7ec4LPXfpe/disable \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer your_bearer_token' \
  -d '{
    "request_id":"53f471b9-81cd-464b-bc0d-d39cefda3a30"
}'
{
    "id": "mtd_2vnjeuHKPnUxHHBZy7ec4LPXfpe",
    "request_id": "1deb1754-0e4d-44f5-8f8a-50634d875753",
    "type": "card",
    "card": {
        "expiry_month": "12",
        "expiry_year": "2022",
        "name": "Adam",
        "bin": "401200",
        "last4": "1003",
        "brand": "visa",
        "issuer_country_code": "RU",
        "card_type": "credit",
        "fingerprint": "Viy7U4n4UoLAcY9MVrdVqDFdXt0=",
        "cvc_check": "unknown",
        "avs_check": "unknown"
    },
    "status": "DISABLED",
    "created_at": "2020-06-28T09:18:28+0000",
    "updated_at": "2020-06-28T09:56:35+0000"
}