Overview

API Versioning

Deprecated

dw.order

Class PaymentInstrument

Object

dw.object.PersistentObject

dw.object.ExtensibleObject

dw.customer.EncryptedObject

dw.order.PaymentInstrument

Base class for payment instrument either stored in the customers profile or related to an order. A payment instrument can be credit card or bank transfer. The object defines standard methods for credit card payment, and can be extended by attributes appropriate for other payment methods.

Note: this class handles sensitive financial and card holder data. Pay special attention to PCI DSS v3. requirements 1, 3, 7, and 9.

All Known Subclasses

CustomerPaymentInstrument, OrderPaymentInstrument

Constants

ENCRYPTION_ALGORITHM_RSA  :  String = "RSA"

The outdated encryption algorithm "RSA/ECB/PKCS1Padding". Please do not use anymore!

Deprecated:

Support for this algorithm will be removed in a future release. Please use ENCRYPTION_ALGORITHM_RSA_ECB_OAEPWITHSHA56ANDMGF1PADDING instead.

ENCRYPTION_ALGORITHM_RSA_ECB_OAEPWITHSHA_256ANDMGF1PADDING  :  String = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding"

The encryption algorithm "RSA/ECB/OAEPWithSHA-256AndMGF1Padding".

METHOD_BANK_TRANSFER  :  String = "BANK_TRANSFER"

Represents a bank transfer type of payment.

METHOD_BML  :  String = "BML"

Represents a 'bill me later' type of payment.

METHOD_CREDIT_CARD  :  String = "CREDIT_CARD"

Represents a credit card type of payment.

METHOD_DW_ANDROID_PAY  :  String = "DW_ANDROID_PAY"

Represents an Android Pay payment.

METHOD_DW_APPLE_PAY  :  String = "DW_APPLE_PAY"

Represents an Apple Pay payment.

METHOD_GIFT_CERTIFICATE  :  String = "GIFT_CERTIFICATE"

Represents a gift certificate.

Properties

bankAccountDriversLicense  :  String

The driver's license number associated with the bank account if the calling context meets the following criteria:

• If the instance is a CustomerPaymentInstrument, and we are in the context of a storefront request, and the current customer is registered and authenticated, and the payment instrument is associated to the profile of the current customer, and the current protocol is HTTPS
• If the instance is a OrderPaymentInstrumentInfo, and we are in the context of a storefront request, and the current customer is identical to the customer related to the basket, and the current protocol is HTTPS
• If the instance is a OrderPaymentInstrumentInfo, and we are in the context of a business manager request, and the current user has the permission MANAGE_ORDERS
• If the instance is a OrderPaymentInstrumentInfo, and the account information has not been masked as a result of the data retention security policy for the site

Otherwise, the method returns the masked driver's license number. If a basket is reopened with OrderMgr.failOrder(Order, Boolean), it always masks sensitive information because during order creation, basket payment information is permanently masked.

bankAccountDriversLicenseLastDigits  :  String  (Read Only)

The last 4 characters of the decrypted driver's license number of the bank account associated with this PaymentInstrument. If the number is empty or null it will be returned without an exception.

bankAccountDriversLicenseStateCode  :  String

The driver's license state code associated with a bank account payment instrument. Returns null for other payment methods.

bankAccountHolder  :  String

The full name of the holder of a bank account payment instrument. Returns null for other payment methods.

bankAccountNumber  :  String

The bank account number if the calling context meets the following criteria:

• If the instance is a CustomerPaymentInstrument, and we are in the context of a storefront request, and the current customer is registered and authenticated, and the payment instrument is associated to the profile of the current customer, and the current protocol is HTTPS
• If the instance is a OrderPaymentInstrumentInfo, and we are in the context of a storefront request, and the current customer is identical to the customer related to the basket, and the current protocol is HTTPS
• If the instance is a OrderPaymentInstrumentInfo, and we are in the context of a business manager request, and the current user has the permission MANAGE_ORDERS
• If the instance is a OrderPaymentInstrumentInfo, and the account information has not been masked as a result of the data retention security policy for the site

Otherwise, the method returns the masked bank account number. If a basket is reopened with OrderMgr.failOrder(Order, Boolean), it always masks sensitive information because during order creation, basket payment information is permanently masked.

bankAccountNumberLastDigits  :  String  (Read Only)

The last 4 characters of the decrypted bank account number. If the number is empty or null, it will be returned without an exception.

bankRoutingNumber  :  String

The bank routing number of a bank account payment instrument. Returns null for other payment methods. If account information has been masked due to the data retention security policy for the site, the return value is fully masked.

creditCardExpirationMonth  :  Number

The month of the year in which the credit card expires (1-12).

creditCardExpirationYear  :  Number

The year in which the credit card expires, such as '2004'.

creditCardExpired  :  boolean  (Read Only)

Returns true if this payment instrument represents an expired credit card. This check is only logical if the credit card expiration month and year are set. If either of these attributes are not set, then this method always returns false.

creditCardHolder  :  String

The name of the credit card owner.

creditCardIssueNumber  :  String

The credit card issue number. This attribute is only used by specific credit/debit card processors such as Solo and Switch in the UK.

creditCardNumber  :  String

The decrypted credit card number if the calling context meets the following criteria:

• If the instance is a CustomerPaymentInstrument, and we are in the context of a storefront request, and the current customer is registered and authenticated, and the payment instrument is associated to the profile of the current customer, and the current protocol is HTTPS
• If the instance is a OrderPaymentInstrument in the context of a storefront request, and the current authenticated customer is referenced by the basket or order, and the current protocol is HTTPS.
• If the customer is anonymous, and the customer is referenced by the order, and the protocol is secure and the order status is CREATED.
• If the instance is a OrderPaymentInstrument, and we are in the context of a business manager request, and the current user has the permission MANAGE_ORDERS
• If the instance is a OrderPaymentInstrument, and the account information has not been masked as a result of the data retention security policy for the site

Otherwise, the method returns the masked credit card number. If a basket is reopened with OrderMgr.failOrder(Order, Boolean), it always masks sensitive information because during order creation, basket payment information is permanently masked.

creditCardNumberLastDigits  :  String  (Read Only)

The last 4 characters of the decrypted credit card number. If the number is empty or null it will be returned without an exception.

creditCardToken  :  String

Secure credit card data can be replaced by a token by utilizing a tokenization provider, which securely stores the credit card data using the token as a key. The stored data can later reused by including the token in a request. In this way credit card processes such as authorization and capture can be implemented without being responsible for persisting the credit card data.

creditCardType  :  String

The type of the credit card.

creditCardValidFromMonth  :  Number

The month of the year in which the credit card became valid (1-12). This attribute is not used by all credit card types.

creditCardValidFromYear  :  Number

The year in which the credit card became valid, such as '2001'. This attribute is not used by all credit card types.

giftCertificateCode  :  String

The Gift Certificate code for this Payment Instrument.

giftCertificateID  :  String

The Gift Certificate ID for this Payment Instrument.

Deprecated:

Use getGiftCertificateCode()

maskedBankAccountDriversLicense  :  String  (Read Only)

The decrypted driver's license number of the bank account with all but the last 4 characters replaced with a '*' character. If the driver's license number is empty, it will be returned without an exception.

maskedBankAccountNumber  :  String  (Read Only)

The decrypted bank account number with all but the last 4 characters replaced with a '*' character. If the number is empty (i.e. "" or null), it will be returned without an exception.

maskedCreditCardNumber  :  String  (Read Only)

The decrypted credit card number with all but the last 4 characters replaced with a '*' character. If the number is empty, it will be returned without an exception.

maskedGiftCertificateCode  :  String  (Read Only)

The masked gift certificate code with all but the last 4 characters replaced with a '*' character.

paymentMethod  :  String  (Read Only)

The identifier of the payment method represented by this payment instrument.

permanentlyMasked  :  boolean  (Read Only)

Returns true if the account information for this Payment Instrument has been permanently masked as a result of the data retention security policy for the site or a creditcard tokenization, and false otherwise. When account information is masked only the last 4 digits of the credit card or bank account number are recoverable. The bank account driver's license number and bank routing number are completely masked.

Constructor Summary

This class does not have a constructor, so you cannot create it directly. To get an instance of this class, use one of the subclass constructors.

Method Summary

getBankAccountDriversLicense() : String

Returns the driver's license number associated with the bank account if the calling context meets the following criteria:

• If the instance is a CustomerPaymentInstrument, and we are in the context of a storefront request, and the current customer is registered and authenticated, and the payment instrument is associated to the profile of the current customer, and the current protocol is HTTPS
• If the instance is a OrderPaymentInstrumentInfo, and we are in the context of a storefront request, and the current customer is identical to the customer related to the basket, and the current protocol is HTTPS
• If the instance is a OrderPaymentInstrumentInfo, and we are in the context of a business manager request, and the current user has the permission MANAGE_ORDERS
• If the instance is a OrderPaymentInstrumentInfo, and the account information has not been masked as a result of the data retention security policy for the site

Otherwise, the method returns the masked driver's license number.

getBankAccountDriversLicenseLastDigits() : String

Returns the last 4 characters of the decrypted driver's license number of the bank account associated with this PaymentInstrument.

getBankAccountDriversLicenseLastDigits(count : Number) : String

Returns the last specified number of characters of the decrypted driver's license number of the bank account associated with this PaymentInstrument.

getBankAccountDriversLicenseStateCode() : String

Returns the driver's license state code associated with a bank account payment instrument.

getBankAccountHolder() : String

Returns the full name of the holder of a bank account payment instrument.

getBankAccountNumber() : String

Returns the bank account number if the calling context meets the following criteria:

• If the instance is a CustomerPaymentInstrument, and we are in the context of a storefront request, and the current customer is registered and authenticated, and the payment instrument is associated to the profile of the current customer, and the current protocol is HTTPS
• If the instance is a OrderPaymentInstrumentInfo, and we are in the context of a storefront request, and the current customer is identical to the customer related to the basket, and the current protocol is HTTPS
• If the instance is a OrderPaymentInstrumentInfo, and we are in the context of a business manager request, and the current user has the permission MANAGE_ORDERS
• If the instance is a OrderPaymentInstrumentInfo, and the account information has not been masked as a result of the data retention security policy for the site

Otherwise, the method returns the masked bank account number.

getBankAccountNumberLastDigits() : String

Returns the last 4 characters of the decrypted bank account number.

getBankAccountNumberLastDigits(count : Number) : String

Returns the last specified number of characters of the decrypted bank account card number.

getBankRoutingNumber() : String

Returns the bank routing number of a bank account payment instrument.

getCreditCardExpirationMonth() : Number

Returns the month of the year in which the credit card expires (1-12).

getCreditCardExpirationYear() : Number

Returns the year in which the credit card expires, such as '2004'.

getCreditCardHolder() : String

Returns the name of the credit card owner.

getCreditCardIssueNumber() : String

Returns the credit card issue number.

getCreditCardNumber() : String

Returns the decrypted credit card number if the calling context meets the following criteria:

• If the instance is a CustomerPaymentInstrument, and we are in the context of a storefront request, and the current customer is registered and authenticated, and the payment instrument is associated to the profile of the current customer, and the current protocol is HTTPS
• If the instance is a OrderPaymentInstrument in the context of a storefront request, and the current authenticated customer is referenced by the basket or order, and the current protocol is HTTPS.

getCreditCardNumberLastDigits() : String

Returns the last 4 characters of the decrypted credit card number.

getCreditCardNumberLastDigits(count : Number) : String

Returns the last specified number of characters of the decrypted credit card number.

getCreditCardToken() : String

Secure credit card data can be replaced by a token by utilizing a tokenization provider, which securely stores the credit card data using the token as a key.

getCreditCardType() : String

Returns the type of the credit card.

getCreditCardValidFromMonth() : Number

Returns the month of the year in which the credit card became valid (1-12).

getCreditCardValidFromYear() : Number

Returns the year in which the credit card became valid, such as '2001'.

getEncryptedBankAccountDriversLicense(algorithm : String, publicKey : String) : String

Encrypts the driver's license number of the bank account of this object with the given algorithm and the given public key.

getEncryptedBankAccountNumber(algorithm : String, publicKey : String) : String

Encrypts the bank account number of this object with the given algorithm and the given public key.

getEncryptedCreditCardNumber(algorithm : String, publicKey : String) : String

Encrypts the credit card number of this object with the given algorithm and the given public key.

getEncryptedCreditCardNumber(algorithm : String, certificateRef : CertificateRef) : String

Encrypts the credit card number of this object with the given algorithm and the public key taken from a certificate in the keystore.

getGiftCertificateCode() : String

Returns the Gift Certificate code for this Payment Instrument.

getGiftCertificateID() : String

Returns the Gift Certificate ID for this Payment Instrument.

getMaskedBankAccountDriversLicense() : String

Returns the decrypted driver's license number of the bank account with all but the last 4 characters replaced with a '*' character.

getMaskedBankAccountDriversLicense(ignore : Number) : String

Returns the decrypted driver's license number of the bank account with all but the specified number characters replaced with a '*' character.

getMaskedBankAccountNumber() : String

Returns the decrypted bank account number with all but the last 4 characters replaced with a '*' character.

getMaskedBankAccountNumber(ignore : Number) : String

Returns the decrypted bank account number with all but the specified number characters replaced with a '*' character.

getMaskedCreditCardNumber() : String

Returns the decrypted credit card number with all but the last 4 characters replaced with a '*' character.

getMaskedCreditCardNumber(ignore : Number) : String

Returns the decrypted credit card number with all but the specified number characters replaced with a '*' character.

getMaskedGiftCertificateCode() : String

Returns the masked gift certificate code with all but the last 4 characters replaced with a '*' character.

getMaskedGiftCertificateCode(ignore : Number) : String

Returns the masked gift certificate code with all but the specified number of characters replaced with a '*' character.

getPaymentMethod() : String

Returns the identifier of the payment method represented by this payment instrument.

isCreditCardExpired() : boolean

Returns true if this payment instrument represents an expired credit card.

isPermanentlyMasked() : boolean

Returns true if the account information for this Payment Instrument has been permanently masked as a result of the data retention security policy for the site or a creditcard tokenization, and false otherwise.

setBankAccountDriversLicense(license : String) : void

Set the driver's license number associated with a bank account payment instrument.

setBankAccountDriversLicenseStateCode(stateCode : String) : void

Set the driver's license state code associated with a bank account payment instrument.

setBankAccountHolder(holder : String) : void

Set the full name of the holder of a bank account payment instrument.

setBankAccountNumber(accountNumber : String) : void

Set the bank account number of a bank account payment instrument.

setBankRoutingNumber(routingNumber : String) : void

Set the bank routing number of a bank account payment instrument.

setCreditCardExpirationMonth(aValue : Number) : void

Sets the month of the year in which the credit card expires.

setCreditCardExpirationYear(aValue : Number) : void

Sets the year in which the credit card expires, such as '2004'.

setCreditCardHolder(aValue : String) : void

Sets the name of the credit card owner.

setCreditCardIssueNumber(aValue : String) : void

Set the credit card issue number.

setCreditCardNumber(aValue : String) : void

Sets the credit card number for this payment.

setCreditCardToken(token : String) : void

Secure credit card data can be replaced by a token by utilizing a tokenization provider, which securely stores the credit card data using the token as a key.

setCreditCardType(aValue : String) : void

Sets the type of the credit card.

setCreditCardValidFromMonth(aValue : Number) : void

Sets the month of the year in which the credit card became valid (1-12).

setCreditCardValidFromYear(aValue : Number) : void

Sets the year in which the credit card became valid, such as '2001'.

setGiftCertificateCode(giftCertificateCode : String) : void

Sets the Gift Certificate code for this Payment Instrument.

setGiftCertificateID(giftCertificateID : String) : void

Sets the Gift Certificate ID for this Payment Instrument.

Methods inherited from class ExtensibleObject

describe, getCustom

Methods inherited from class PersistentObject

getCreationDate, getLastModified, getUUID

Methods inherited from class Object

assign, create, create, defineProperties, defineProperty, entries, freeze, fromEntries, getOwnPropertyDescriptor, getOwnPropertyNames, getOwnPropertySymbols, getPrototypeOf, hasOwnProperty, is, isExtensible, isFrozen, isPrototypeOf, isSealed, keys, preventExtensions, propertyIsEnumerable, seal, setPrototypeOf, toLocaleString, toString, valueOf, values

Method Detail

getBankAccountDriversLicense

getBankAccountDriversLicense() : String

Returns the driver's license number associated with the bank account if the calling context meets the following criteria:

• If the instance is a CustomerPaymentInstrument, and we are in the context of a storefront request, and the current customer is registered and authenticated, and the payment instrument is associated to the profile of the current customer, and the current protocol is HTTPS
• If the instance is a OrderPaymentInstrumentInfo, and we are in the context of a storefront request, and the current customer is identical to the customer related to the basket, and the current protocol is HTTPS
• If the instance is a OrderPaymentInstrumentInfo, and we are in the context of a business manager request, and the current user has the permission MANAGE_ORDERS
• If the instance is a OrderPaymentInstrumentInfo, and the account information has not been masked as a result of the data retention security policy for the site

Otherwise, the method returns the masked driver's license number. If a basket is reopened with OrderMgr.failOrder(Order, Boolean), it always masks sensitive information because during order creation, basket payment information is permanently masked.

Returns:

the driver's license number if the calling context meets the necessary criteria.

See Also:

isPermanentlyMasked()

---

getBankAccountDriversLicenseLastDigits

getBankAccountDriversLicenseLastDigits() : String

Returns the last 4 characters of the decrypted driver's license number of the bank account associated with this PaymentInstrument. If the number is empty or null it will be returned without an exception.

Returns:

the last 4 characters of the de-crypted driver's license number.

---

getBankAccountDriversLicenseLastDigits

getBankAccountDriversLicenseLastDigits(count : Number) : String

Returns the last specified number of characters of the decrypted driver's license number of the bank account associated with this PaymentInstrument. If the number is empty (i.e. "" or null), it will be returned without an exception. Note that count is limited to 4 in an unsecure environment, and if account information for this payment instrument has been masked due to the data retention security policy for the site.

Parameters:

count - number of characters to be returned.

Returns:

the last specified number of characters of the decrypted driver's license number.

See Also:

isPermanentlyMasked()

---

getBankAccountDriversLicenseStateCode

getBankAccountDriversLicenseStateCode() : String

Returns the driver's license state code associated with a bank account payment instrument. Returns null for other payment methods.

Returns:

the state in which the bank account driver's license was issued.

---

getBankAccountHolder

getBankAccountHolder() : String

Returns the full name of the holder of a bank account payment instrument. Returns null for other payment methods.

Returns:

the bank account holder's full name.

---

getBankAccountNumber

getBankAccountNumber() : String

Returns the bank account number if the calling context meets the following criteria:

• If the instance is a CustomerPaymentInstrument, and we are in the context of a storefront request, and the current customer is registered and authenticated, and the payment instrument is associated to the profile of the current customer, and the current protocol is HTTPS
• If the instance is a OrderPaymentInstrumentInfo, and we are in the context of a storefront request, and the current customer is identical to the customer related to the basket, and the current protocol is HTTPS
• If the instance is a OrderPaymentInstrumentInfo, and we are in the context of a business manager request, and the current user has the permission MANAGE_ORDERS
• If the instance is a OrderPaymentInstrumentInfo, and the account information has not been masked as a result of the data retention security policy for the site

Otherwise, the method returns the masked bank account number. If a basket is reopened with OrderMgr.failOrder(Order, Boolean), it always masks sensitive information because during order creation, basket payment information is permanently masked.

Returns:

the bank account number if the calling context meets the necessary criteria.

See Also:

isPermanentlyMasked()

---

getBankAccountNumberLastDigits

getBankAccountNumberLastDigits() : String

Returns the last 4 characters of the decrypted bank account number. If the number is empty or null, it will be returned without an exception.

Returns:

the last 4 characters of the decrypted bank account number.

---

getBankAccountNumberLastDigits

getBankAccountNumberLastDigits(count : Number) : String

Returns the last specified number of characters of the decrypted bank account card number. If the number is empty (i.e. "" or null), it will be returned without an exception. Note that count is limited to 4 in an unsecure environment, and if account information for this payment instrument has been masked due to the data retention security policy for the site.

Parameters:

count - number of characters to be returned.

Returns:

the last specified characters of the decrypted bank account number.

See Also:

isPermanentlyMasked()

---

getBankRoutingNumber

getBankRoutingNumber() : String

Returns the bank routing number of a bank account payment instrument. Returns null for other payment methods. If account information has been masked due to the data retention security policy for the site, the return value is fully masked.

Returns:

the bank account rounting number.

See Also:

isPermanentlyMasked()

---

getCreditCardExpirationMonth

getCreditCardExpirationMonth() : Number

Returns the month of the year in which the credit card expires (1-12).

Returns:

the month of the year in which the credit card expires (1-12).

---

getCreditCardExpirationYear

getCreditCardExpirationYear() : Number

Returns the year in which the credit card expires, such as '2004'.

Returns:

the year in which the credit card expires.

---

getCreditCardHolder

getCreditCardHolder() : String

Returns the name of the credit card owner.

Returns:

the name of the credit card owner.

---

getCreditCardIssueNumber

getCreditCardIssueNumber() : String

Returns the credit card issue number. This attribute is only used by specific credit/debit card processors such as Solo and Switch in the UK.

Returns:

the credit card issue number

---

getCreditCardNumber

getCreditCardNumber() : String

Returns the decrypted credit card number if the calling context meets the following criteria:

• If the instance is a CustomerPaymentInstrument, and we are in the context of a storefront request, and the current customer is registered and authenticated, and the payment instrument is associated to the profile of the current customer, and the current protocol is HTTPS
• If the instance is a OrderPaymentInstrument in the context of a storefront request, and the current authenticated customer is referenced by the basket or order, and the current protocol is HTTPS.
• If the customer is anonymous, and the customer is referenced by the order, and the protocol is secure and the order status is CREATED.
• If the instance is a OrderPaymentInstrument, and we are in the context of a business manager request, and the current user has the permission MANAGE_ORDERS
• If the instance is a OrderPaymentInstrument, and the account information has not been masked as a result of the data retention security policy for the site

Otherwise, the method returns the masked credit card number. If a basket is reopened with OrderMgr.failOrder(Order, Boolean), it always masks sensitive information because during order creation, basket payment information is permanently masked.

Returns:

the decrypted credit card number if the calling context meets the necessary criteria.

See Also:

isPermanentlyMasked()

---

getCreditCardNumberLastDigits

getCreditCardNumberLastDigits() : String

Returns the last 4 characters of the decrypted credit card number. If the number is empty or null it will be returned without an exception.

Returns:

the last 4 characters of the de-crypted credit card number.

---

getCreditCardNumberLastDigits

getCreditCardNumberLastDigits(count : Number) : String

Returns the last specified number of characters of the decrypted credit card number. If the number is empty (i.e. "" or null), it will be returned without an exception. Note that count is limited to 4 in an unsecure environment, and if account information for this payment instrument has been masked due to the data retention security policy for the site.

Parameters:

count - number of characters to be returned.

Returns:

the last specified number of characters of the decrypted credit card number.

See Also:

isPermanentlyMasked()

---

getCreditCardToken

getCreditCardToken() : String

Secure credit card data can be replaced by a token by utilizing a tokenization provider, which securely stores the credit card data using the token as a key. The stored data can later reused by including the token in a request. In this way credit card processes such as authorization and capture can be implemented without being responsible for persisting the credit card data.

Returns:

the token

---

getCreditCardType

getCreditCardType() : String

Returns the type of the credit card.

Returns:

the type of the credit card.

---

getCreditCardValidFromMonth

getCreditCardValidFromMonth() : Number

Returns the month of the year in which the credit card became valid (1-12). This attribute is not used by all credit card types.

Returns:

the month of the year in which the credit card became valid (1-12).

---

getCreditCardValidFromYear

getCreditCardValidFromYear() : Number

Returns the year in which the credit card became valid, such as '2001'. This attribute is not used by all credit card types.

Returns:

the year in which the credit card became valid

---

getEncryptedBankAccountDriversLicense

getEncryptedBankAccountDriversLicense(algorithm : String, publicKey : String) : String

Encrypts the driver's license number of the bank account of this object with the given algorithm and the given public key. Returned is the Base64 encoded representation of the result.

See also Cipher.encrypt(String, String, String, String, Number) on how to generate RSA key pairs.

If account information has been masked due to the data retention security policy for the site, the returned value is the Base64 encoded representation of the encrypted form of the masked number.

Parameters:

algorithm - The algorithm to be used for the encryption of this credit card number. Must be a valid, non-null algorithm. Currently, only the following algorithms are supported:

• ENCRYPTION_ALGORITHM_RSA – outdated, please do not use anymore
• ENCRYPTION_ALGORITHM_RSA_ECB_OAEPWITHSHA56ANDMGF1PADDING – the current algorithm

publicKey - A Base64 encoded form of the public key to be used to encrypt this bank account driver's license number. Must be a valid, non-blank key.

Returns:

the Base64 encoded representation of the bank account driver's license.

Throws:

IllegalArgumentException - If algorithm is not a valid known algorithm.

IllegalArgumentException - If publicKey is a null, empty or blank string.

---

getEncryptedBankAccountNumber

getEncryptedBankAccountNumber(algorithm : String, publicKey : String) : String

Encrypts the bank account number of this object with the given algorithm and the given public key. Returned is the Base64 encoded representation of the result.

If account information has been masked due to the data retention security policy for the site, the returned value is the Base64 encoded representation of the encrypted form of the masked number.

Parameters:

algorithm - The algorithm to be used for the encryption of this credit card number. Must be a valid, non-null algorithm. Currently, only the following algorithms are supported:

• ENCRYPTION_ALGORITHM_RSA – outdated, please do not use anymore
• ENCRYPTION_ALGORITHM_RSA_ECB_OAEPWITHSHA56ANDMGF1PADDING – the current algorithm

publicKey - A Base64 encoded form of the public key to be used to encrypt this credit card number. Must be a valid, non-blank key.

Returns:

the Base64 encoded representation of the bank account number.

See Also:

isPermanentlyMasked()

Throws:

IllegalArgumentException - If algorithm is not a valid known algorithm.

IllegalArgumentException - If publicKey is a null, empty or blank string.

---

getEncryptedCreditCardNumber

getEncryptedCreditCardNumber(algorithm : String, publicKey : String) : String

Encrypts the credit card number of this object with the given algorithm and the given public key. Returned is the Base64 encoded representation of the result.

See also Cipher.encrypt(String, String, String, String, Number) on how to generate RSA key pairs.

If account information has been masked due to the data retention security policy for the site, the returned value is the Base64 encoded representation of the encrypted form of the masked number.

Deprecated:

Please use getEncryptedCreditCardNumber(String, CertificateRef) instead.

Parameters:

algorithm - The algorithm to be used for the encryption of this credit card number. Must be a valid, non-null algorithm. Currently, only the following algorithms are supported:

• ENCRYPTION_ALGORITHM_RSA – outdated, please do not use anymore
• ENCRYPTION_ALGORITHM_RSA_ECB_OAEPWITHSHA56ANDMGF1PADDING – the current algorithm

publicKey - A Base64 encoded form of the public key to be used to encrypt this credit card number. Must be a valid, non-blank key.

Returns:

the Base64 encoded representation of the credit card number.

See Also:

isPermanentlyMasked()

Throws:

IllegalArgumentException - If algorithm is not a valid known algorithm.

IllegalArgumentException - If publicKey is a null, empty or blank string.

---

getEncryptedCreditCardNumber

getEncryptedCreditCardNumber(algorithm : String, certificateRef : CertificateRef) : String

Encrypts the credit card number of this object with the given algorithm and the public key taken from a certificate in the keystore. Returned is the Base64 encoded representation of the result.

See also Cipher.encrypt(String, CertificateRef, String, String, Number) on how to generate RSA key pairs.

If account information has been masked due to the data retention security policy for the site, the returned value is the Base64 encoded representation of the encrypted form of the masked number.

Parameters:

algorithm - The algorithm to be used for the encryption of this credit card number. Must be a valid, non-null algorithm. Currently, only the following algorithms are supported:

• ENCRYPTION_ALGORITHM_RSA – outdated, please do not use anymore
• ENCRYPTION_ALGORITHM_RSA_ECB_OAEPWITHSHA56ANDMGF1PADDING – the current algorithm

certificateRef - A reference to a trusted certificate entry containing the public key in the keystore. Must be non-null.

Returns:

the Base64 encoded representation of the credit card number.

See Also:

isPermanentlyMasked()

Throws:

IllegalArgumentException - If algorithm is not a valid known algorithm.

IllegalArgumentException - If certificateRef is null or could not be found.

---

getGiftCertificateCode

getGiftCertificateCode() : String

Returns the Gift Certificate code for this Payment Instrument.

Returns:

the Gift Certificate code or null if not set.

---

getGiftCertificateID

getGiftCertificateID() : String

Returns the Gift Certificate ID for this Payment Instrument.

Deprecated:

Use getGiftCertificateCode()

Returns:

the Gift Certificate ID or null if not set.

---

getMaskedBankAccountDriversLicense

getMaskedBankAccountDriversLicense() : String

Returns the decrypted driver's license number of the bank account with all but the last 4 characters replaced with a '*' character. If the driver's license number is empty, it will be returned without an exception.

Returns:

the decrypted driver's license number with all but the last 4 characters replaced with a '*' character.

---

getMaskedBankAccountDriversLicense

getMaskedBankAccountDriversLicense(ignore : Number) : String

Returns the decrypted driver's license number of the bank account with all but the specified number characters replaced with a '*' character. If the driver's license number is empty (i.e. "" or null), it will be returned without an exception. Note that ignore is limited to 4 in an unsecure environment, and if account information for this payment instrument has been masked due to the data retention security policy for the site.

Parameters:

ignore - the number of characters to leave unmasked.

Returns:

the decrypted driver's license number with all but the specified number characters replaced with a '*' character.

See Also:

isPermanentlyMasked()

---

getMaskedBankAccountNumber

getMaskedBankAccountNumber() : String

Returns the decrypted bank account number with all but the last 4 characters replaced with a '*' character. If the number is empty (i.e. "" or null), it will be returned without an exception.

Returns:

the decrypted bank account number with all but the last 4 characters replaced with a '*' character.

---

getMaskedBankAccountNumber

getMaskedBankAccountNumber(ignore : Number) : String

Returns the decrypted bank account number with all but the specified number characters replaced with a '*' character. If the card number is empty (i.e. "" or null), it will be returned without an exception. Note that ignore is limited to 4 in an unsecure environment, and if account information for this payment instrument has been masked due to the data retention security policy for the site.

Parameters:

ignore - the number of characters to leave unmasked

Returns:

the decrypted bank account number with all but the specified number of characters replaced with a '*' character.

See Also:

isPermanentlyMasked()

---

getMaskedCreditCardNumber

getMaskedCreditCardNumber() : String

Returns the decrypted credit card number with all but the last 4 characters replaced with a '*' character. If the number is empty, it will be returned without an exception.

Returns:

the decrypted credit card number with all but the last 4 characters replaced with a '*' character.

---

getMaskedCreditCardNumber

getMaskedCreditCardNumber(ignore : Number) : String

Returns the decrypted credit card number with all but the specified number characters replaced with a '*' character. If the card number is empty (i.e. "" or null), it will be returned without an exception. Note that ignore is limited to 4 in an unsecure environment, and if account information for this payment instrument has been masked due to the data retention security policy for the site.

Parameters:

ignore - the number of characters to leave unmasked.

Returns:

the decrypted credit card number with all but the specified number characters replaced with a '*' character.

See Also:

isPermanentlyMasked()

---

getMaskedGiftCertificateCode

getMaskedGiftCertificateCode() : String

Returns the masked gift certificate code with all but the last 4 characters replaced with a '*' character.

Returns:

the masked gift certificate code.

---

getMaskedGiftCertificateCode

getMaskedGiftCertificateCode(ignore : Number) : String

Returns the masked gift certificate code with all but the specified number of characters replaced with a '*' character.

Parameters:

ignore - the number of characters to leave unmasked.

Returns:

the masked gift certificate code.

Throws:

IllegalArgumentException - if ignore is negative.

---

getPaymentMethod

getPaymentMethod() : String

Returns the identifier of the payment method represented by this payment instrument.

Returns:

the identifier of the payment method represented by this payment instrument.

---

isCreditCardExpired

isCreditCardExpired() : boolean

Returns true if this payment instrument represents an expired credit card. This check is only logical if the credit card expiration month and year are set. If either of these attributes are not set, then this method always returns false.

Returns:

true if this payment instrument represents an expired credit card, false otherwise

---

isPermanentlyMasked

isPermanentlyMasked() : boolean

Returns true if the account information for this Payment Instrument has been permanently masked as a result of the data retention security policy for the site or a creditcard tokenization, and false otherwise. When account information is masked only the last 4 digits of the credit card or bank account number are recoverable. The bank account driver's license number and bank routing number are completely masked.

Returns:

whether or not the account information has been masked

---

setBankAccountDriversLicense

setBankAccountDriversLicense(license : String) : void

Set the driver's license number associated with a bank account payment instrument.

Parameters:

license - the bank account holder driver's license.

---

setBankAccountDriversLicenseStateCode

setBankAccountDriversLicenseStateCode(stateCode : String) : void

Set the driver's license state code associated with a bank account payment instrument.

Parameters:

stateCode - the state in which the bank account driver's license was issued.

---

setBankAccountHolder

setBankAccountHolder(holder : String) : void

Set the full name of the holder of a bank account payment instrument.

Parameters:

holder - the bank account holder's full name.

---

setBankAccountNumber

setBankAccountNumber(accountNumber : String) : void

Set the bank account number of a bank account payment instrument.

Parameters:

accountNumber - the bank account number.

---

setBankRoutingNumber

setBankRoutingNumber(routingNumber : String) : void

Set the bank routing number of a bank account payment instrument.

Parameters:

routingNumber - the bank account rounting number.

---

setCreditCardExpirationMonth

setCreditCardExpirationMonth(aValue : Number) : void

Sets the month of the year in which the credit card expires. Permissible values are from 1 to 12.

Parameters:

aValue - the month of the year in which the credit card expires. Permissible values are from 1 to 12.

---

setCreditCardExpirationYear

setCreditCardExpirationYear(aValue : Number) : void

Sets the year in which the credit card expires, such as '2004'.

Parameters:

aValue - the year in which the credit card expires.

---

setCreditCardHolder

setCreditCardHolder(aValue : String) : void

Sets the name of the credit card owner.

Parameters:

aValue - the name of the credit card owner.

---

setCreditCardIssueNumber

setCreditCardIssueNumber(aValue : String) : void

Set the credit card issue number. This attribute is only used by specific credit/debit card processors such as Solo and Switch in the UK.

Parameters:

aValue - the credit card issue number

---

setCreditCardNumber

setCreditCardNumber(aValue : String) : void

Sets the credit card number for this payment.

Parameters:

aValue - the new value of the credit card number.

---

setCreditCardToken

setCreditCardToken(token : String) : void

Secure credit card data can be replaced by a token by utilizing a tokenization provider, which securely stores the credit card data using the token as a key. The stored data can later reused by including the token in a request. In this way credit card processes such as authorization and capture can be implemented without being responsible for persisting the credit card data.

An Exception will be thrown when the token is null or blank.

When setting a credit card token, the account information (including the creditcard number) is masked and all creditcard attributes are frozen and an attempt to change will be result in an exception.

Parameters:

token - the token

See Also:

isPermanentlyMasked()

---

setCreditCardType

setCreditCardType(aValue : String) : void

Sets the type of the credit card.

Parameters:

aValue - the type of the credit card.

---

setCreditCardValidFromMonth

setCreditCardValidFromMonth(aValue : Number) : void

Sets the month of the year in which the credit card became valid (1-12). This attribute is not used by all credit card types

Parameters:

aValue - the month of the year in which the credit card became valid (1-12).

---

setCreditCardValidFromYear

setCreditCardValidFromYear(aValue : Number) : void

Sets the year in which the credit card became valid, such as '2001'. This attribute is not used by all credit card types.

Parameters:

aValue - the year in which the credit card became valid

---

setGiftCertificateCode

setGiftCertificateCode(giftCertificateCode : String) : void

Sets the Gift Certificate code for this Payment Instrument.

Parameters:

giftCertificateCode - the Gift Certificate code.

---

setGiftCertificateID

setGiftCertificateID(giftCertificateID : String) : void

Sets the Gift Certificate ID for this Payment Instrument.

Deprecated:

Use setGiftCertificateCode(String)

Parameters:

giftCertificateID - the Gift Certificate ID.

---