DocumentationAPI Reference
API Reference

If the merchant adheres to the requirements of PCI DSS SAQ-A-EP, card details may be added to the checkout, authorize, and/or openContract request in the card query string parameter, separate from the main request body. Consequently, the card details are not included in the signature calculation. Card details may also be passed to Reach via the Stash request.

FieldTypeRequiredNotes
NumberstringYesThe card number, without punctuation or whitespace.
NamestringYesThe name of the cardholder as it appears on the card.
ExpiryobjectYesThe expiration date of the card.
> YearintegerYesThe expiry year, unabbreviated (ex. 2020).
> MonthintegerYesThe expiry month, 1-12.
VerificationCodestringYesThe card verification code. Although these are typically digits, leading zeros are significant so this must be transmitted as a string.