CODEWITHSUNDEEP
androidpayment-gatewaypayfort
Bhavin Chauhan
Bhavin Chauhan

Reputation: 2010

PayFort Mobile SDK save card

I've read documentation of PayFort payment gateway . I've setup project and completed transaction with android SDK. Transaction generation and save cards are worked proper. After successful transaction (with remember card ) response is

Success Response: {"amount":"XXXX","response_code":"14000","card_number":"400555******0001","card_holder_name":"Test","payment_option":"VISA","expiry_date":"2105","customer_ip":"xxx.xx.xxx.xx","eci":"ECOMMERCE","language":"en","fort_id":"xxxxxxxxxxxxxxxxxx","command":"PURCHASE","response_message":"Success","sdk_token":"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx","authorization_code":"xxxxxx","merchant_reference":"xxxxxxxxxxxxx","customer_email":"[email protected]","token_name":"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx","currency":"SAR","status":"14"}

After successful transaction (without remember card ) response is

Success Response: {"amount":"XXXX","response_code":"14000","card_number":"400555******0001","card_holder_name":"Test","payment_option":"VISA","expiry_date":"2105","customer_ip":"xxx.xx.xxx.xx","eci":"ECOMMERCE","language":"en","fort_id":"xxxxxxxxxxxxxxxxxx","command":"PURCHASE","response_message":"Success","sdk_token":"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx","authorization_code":"xxxxxx","merchant_reference":"xxxxxxxxxxxxx","customer_email":"[email protected]","currency":"SAR","status":"14"}

Just token_name parameter is extra response in save card response. Now my question is that, if user saved his card detail and want to use later then how to list those saved card list? I can't get Any rest api in documentation page which list all cards. One more thing if user want to pay direct without entering card detail using that token then what's the parameters used and which API will be use for that transaction?
Note: I can see those cards detail in my payfort account.

Upvotes: 4

Views: 1912

Answers (1)

Mayank Sehgal
Mayank Sehgal

Reputation: 96

You won't be able to actually 'see' or get a list of the card details. That will be insecure on Payfort's part. All you would get is the masked card number '400555******0001' in response along with the token_name.

What you can do is this:

  1. Save these details for the particular user in your database. You might have to save a new card entry every time you find a new one in the response (this would happen when user will use different cards for different transactions and keeps the 'remember me' setting on).
  2. Then in your mobile UI or on web UI, show a dropdown with these 'masked' card numbers. For the selected card, only send the 'token_name' in your payment request.

The biggest benefit is that you don't have to save the card details and be vulnerable. Instead, just keep the token_name and get it pre-filled when redirecting to Payfort.

Upvotes: 1

Related Questions