Card Verification Value (CVV)

This section provides instructions on how to manage a card's Card Verification Value (CVV). A card's CVV is the number printed on the back of the card, which is used to authorise online and Mail Order Telephone Order (MOTO) transactions between a merchant and cardholder. This provides an additional layer of security for online and MOTO transactions.

A card's CVV is randomly allocated as part of the Create Card API call. To find out more about creating cards, see Creating a Card.

After card creation, the Cards API enables you to:

  • Retrieve a card's CVV
  • Unblock a card's CVV when the maximum number of attempts have been exceeded
  • Get the card's CVV status

Retrieve a Card's CVV

Step 1: Identify the card's public token

Before retrieving a card's CVV, identify the corresponding public token relating to the card. This is returned in the response to creating a card within the publicToken object.

Step 2: Get the card's CVV

After identifying the card's public token, execute a GET call to the cards CVV endpoint.

👍

API Explorer

See the Retrieve card CVV endpoint for more information.

A successful response will return a 200 http code with the value of the card's CVV in the response body.

Unblock a Card's CVV

Step 1: Identify the card's public token

Before retrieving a card's CVV, identify the corresponding public token relating to the card. This is returned in the response to creating a card within the publicToken object.

Step 2: Get the card's CVV

After identifying the card's public token, execute a POST call to the cards CVV endpoint.

👍

API Explorer

See the Unblock card CVV endpoint for more information.

A successful response will return a 204 HTTP code - success no response.

Get CVV Status

Use the Get CVV Status endpoint to retrieve the current status of the CVV of the card. A CVV can have have a status of:

  • Unblocked
  • Blocked

You can retrieve the CVV status of the card by making a GET request to the endpoint. For example:

{{base-url}}/cards/{{publicToken}}/cvv/status

A successful response will return a HTTP 200 response code and payload which includes the current status. For example:

{
    "status": "Unblocked"
}