Note: You may also process debit card data and obtain a token using the Toolkit Tokenization Component
The Payments API is a PCI compliant endpoint and allows for secure debit card token creation. These tokens are used within DailyPay's APIs. When a tokenized debit card is added to a user’s account they can begin to take instant transfers.
How does this work? A user's debit card data is sent via POST request to the Payments API. The debit card data is encrypted and tokenized before being returned. This tokenized card data is used for instant transfers via the Extend API.
It’s how we keep card data secure. DailyPay has a responsibility and legal requirement to protect debit card data therefore the Payments API endpoint complies with the Payment Card Industry Data Security Standards PCI DSS.
📘 Info DailyPay only handles card data during encryption and tokenization The Payments server is DailyPay’s only PCI compliant API.
Steps to create a tokenized debit card for use within DailyPay's APIs.
After you have securely collected the debit card data for a user, create a POST to the PCI-compliant Cards API with the following required parameters in this example.
Show parameters
The first name or given name of the cardholder.
The last name or surname of the cardholder.
The full card number without spaces or hyphenation.
The four-digit year of expiration for the card.
The two-digit month of the expiration date for the card.
The CVV card code.
The first line of the address associated with the card.
The second line of the address associated with the card.
The city component of the address associated with the card.
The two-letter state component of the address associated with the card.
The 5 digit zip-code component of the address associated with the card.
The two-letter ISO 3166 country code component of the address associated with the card.
https://payments.dailypay.com/v2/cards/generic
- JavaScript
- Go
- C#
- Java
- Python
- Ruby
- cURL
import { SDK } from "@dailypay/dailypay";
const sdk = new SDK();
async function run() {
const result = await sdk.cards.create({
firstName: "Edith",
lastName: "Clarke",
cardNumber: "4007589999999912",
expirationYear: "2027",
expirationMonth: "02",
cvv: "123",
addressLineOne: "123 Kebly Street",
addressLineTwo: "Unit C",
addressCity: "Fort Lee",
addressState: "NJ",
addressZipCode: "07237",
addressCountry: "US",
});
console.log(result);
}
run();The Cards API returns an opaque string representing the card details. This token is encrypted and complies with PCI DSS. You will need the token for step 3, after which it can be discarded. The token is a long string with a structure similar to a JWT:
{"token":"abc.efg.123"}Proper authorization is required to create a debit card account.
Send the encrypted token in a POST request to the accounts endpoint as the value for the token field in the details object. This will create a transfer account and allow a user to start taking transfers.
- DailyPay REST API server
https://api.dailypay.com/rest/accounts
- JavaScript
- Go
- C#
- Java
- Python
- Ruby
- cURL
import { SDK } from "@dailypay/dailypay";
const sdk = new SDK({
version: 3,
security: {
oauthClientCredentialsToken: {
clientID: "<YOUR_CLIENT_ID_HERE>",
clientSecret: "<YOUR_CLIENT_SECRET_HERE>",
tokenURL: "<YOUR_TOKEN_URL_HERE>",
},
},
});
async function run() {
const result = await sdk.accounts.create({
data: {
type: "accounts",
attributes: {
name: "Acme Bank Checking Account",
accountType: "DEPOSITORY",
subtype: "CHECKING",
depositoryAccountDetails: {
firstName: "Edith",
lastName: "Clarke",
routingNumber: "XXXXX2021",
accountNumber: "XXXXXX4321",
},
},
relationships: {
person: {
data: {
type: "people",
id: "3fa8f641-5717-4562-b3fc-2c963f66afa6",
},
},
},
},
});
console.log(result);
}
run();