Virtual cards
Learn more about virtual cards.
You can retrieve virtual card details via the Dashboard or via the API. PCI-DSS rules protect cardholder data. For PCI-DSS compliance, we recommend limiting retrieval of virtual card information to the dashboard. If the API is used to retrieve card information, or if virtual card information is exported from the Dashboard, the information should be stored in a password manager or otherwise encrypted.
You can retrieve both the full unredacted card number and CVC from the API. For security reasons, these fields are only available for virtual cards and will be omitted unless you explicitly request them with the expand parameter. Additionally, they are only available via the “Retrieve a card” endpoint.
curl https://api.stripe.com/v1/issuing/cards/ic_1Cm3paIyNTgGDVfzBqq1uqxR \ -u sk_test_4eC39HqLyjWDarjtT1zdp7dc: \ -d "expand[]"=number \ -d "expand[]"=cvc \ -G
# Set your secret key. Remember to switch to your live secret key in production! # See your keys here: https://dashboard.stripe.com/account/apikeys Stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc' card_details = Stripe::Issuing::Card.retrieve({ id: 'ic_1Cm3paIyNTgGDVfzBqq1uqxR', expand: ['number', 'cvc'], })
# Set your secret key. Remember to switch to your live secret key in production! # See your keys here: https://dashboard.stripe.com/account/apikeys stripe.api_key = 'sk_test_4eC39HqLyjWDarjtT1zdp7dc' card_details = stripe.issuing.Card.retrieve( 'ic_1Cm3paIyNTgGDVfzBqq1uqxR', expand=['number', 'cvc'] )
// Set your secret key. Remember to switch to your live secret key in production! // See your keys here: https://dashboard.stripe.com/account/apikeys \Stripe\Stripe::setApiKey('sk_test_4eC39HqLyjWDarjtT1zdp7dc'); $card = \Stripe\Issuing\Card::retrieve( 'id' => 'ic_1Cm3paIyNTgGDVfzBqq1uqxR', 'expand' => ['number', 'cvc'], );
// Set your secret key. Remember to switch to your live secret key in production! // See your keys here: https://dashboard.stripe.com/account/apikeys Stripe.apiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc"; CardRetrieveParams params = CardRetrieveParams.builder() .addAllExpand(Arrays.asList("number", "cvc")) .build(); Card card = Card.retrieve("ic_1Cm3paIyNTgGDVfzBqq1uqxR", params, null);
// Set your secret key. Remember to switch to your live secret key in production! // See your keys here: https://dashboard.stripe.com/account/apikeys const stripe = require('stripe')('sk_test_4eC39HqLyjWDarjtT1zdp7dc'); stripe.issuing.cards.retrieve('ic_1CoYuRKEl2ztzE5GIEDjQiUI', { expand: ['number', 'cvc'], });
// Set your secret key. Remember to switch to your live secret key in production! // See your keys here: https://dashboard.stripe.com/account/apikeys stripe.Key = "sk_test_4eC39HqLyjWDarjtT1zdp7dc" params := &stripe.CardParams{} params.AddExpand("number") params.AddExpand("cvc") c, err := card.Get("ic_1CoYuRKEl2ztzE5GIEDjQiUI", nil)
// Set your secret key. Remember to switch to your live secret key in production! // See your keys here: https://dashboard.stripe.com/account/apikeys StripeConfiguration.ApiKey = "sk_test_4eC39HqLyjWDarjtT1zdp7dc"; var service = new CardService(); var options = new CardGetOptions(); options.AddExpand("number"); options.AddExpand("cvc"); var details = service.Get("ic_1CoYuRKEl2ztzE5GIEDjQiUI", options);
Details about PCI-DSS
If you are generating virtual cards for your own use, you are not required to attain PCI-DSS compliance for Issuing activity. If you are generating virtual cards for use by your users, you may be considered a Service Provider under PCI-DSS rules. Service Providers must be PCI-DSS compliant.
If you accept payments through Stripe, you can read more about your PCI-DSS obligations here. These obligations are in addition to requirements noted above.
Costs
Virtual cards cost 0.10 USD each.