Skip to content
Sign in
An image of the Stripe logo
/
Create account
Sign in
Home
Payments
Finance automation
Banking as a service
Developer tools
No-code
All products
Home
Payments
Finance automation
Home
Payments
Finance automation
Banking as a service
Developer tools
Overview
Issuing cards
    Overview
    Global Issuing
    Get started
    How Issuing works
    Choose your card offering
    Customize your program
    Add funds to your card program
    Manage fraud
    Cards
    Create cards
    Virtual cards
    Physical cards
    Manage cards
    Digital wallets
    Replacement cards
    Testing and support
    Testing physical cards
    Support
    Controls
    Spending controls
    Real-time authorizations
    SMS fraud alerts
    3D Secure
    PIN management
    Issuing Elements
    Token Management
    Funding
    Balance
    Purchases
    Authorizations
    Transactions
    Disputes
    Testing
    Merchant categories
    Issuing with Connect
    Set up an Issuing and Connect integration
    Connect funding
    Connected accounts cardholders and cards
    Additional information
    Choose a cardholder type
    Marketing guidance (Europe/UK)
    Product and marketing compliance guidance (US)
Treasury
Business financing
Issuing
·
HomeBanking as a serviceIssuing cards

Virtual cards with Issuing

Learn about virtual cards created with Issuing.

You can retrieve or display virtual card details through the Dashboard, the API, or by using Issuing Elements. PCI-DSS rules protect cardholder data, and not all methods of card information retrieval are PCI-DSS compliant.

Display virtual card details to cardholders

You can use Issuing Elements to display virtual card details to your cardholders without this information passing through your servers. This method is fully PCI-DSS compliant, and we recommend it for most Issuing users. Stripe offers Issuing Elements as a part of Stripe.js.

Retrieve virtual card details

For PCI-DSS compliance, we recommend limiting retrieval of virtual card information to the Dashboard or Issuing Elements. If you use the API to retrieve card information, or if you export virtual card information from the Dashboard, store it in a password manager or otherwise encrypt it.

You can retrieve both the full unredacted card number and CVC from the API. For security reasons, you can only use these fields with virtual cards in live mode, and we omit them unless you explicitly request them with the expand property. You can only retrieve these fields for physical cards in test mode. Additionally, you can only access them through the Retrieve a card endpoint.

Command Line
curl -G https://api.stripe.com/v1/issuing/cards \ -u "
sk_test_4eC39HqLyjWDarjtT1zdp7dc
:"
\ -d "expand[]"=number \ -d "expand[]"=cvc

Details about PCI-DSS

If you are generating virtual cards for your own use, you are not required to attain PCI-DSS compliance for Issuing activity. If you are generating virtual cards for use by your users, you may be considered a Service Provider under PCI-DSS rules. Service Providers must be PCI-DSS compliant.

If you accept payments through Stripe, read more about your PCI-DSS obligations. These obligations are in addition to requirements noted above.

Was this page helpful?
Need help? Contact Support.
Watch our developer tutorials.
Check out our product changelog.
Questions? Contact Sales.
Powered by Markdoc
You can unsubscribe at any time. Read our privacy policy.
On this page
Display virtual card details to cardholders
Retrieve virtual card details
Details about PCI-DSS
Products Used
Issuing
Stripe Shell
Test mode
Welcome to the Stripe Shell! Stripe Shell is a browser-based shell with the Stripe CLI pre-installed. Log in to your Stripe account and press Control + Backtick (`) on your keyboard to start managing your Stripe resources in test mode. - View supported Stripe commands: - Find webhook events: - Listen for webhook events: - Call Stripe APIs: stripe [api resource] [operation] (e.g., )
The Stripe Shell is best experienced on desktop.
$