leyton-card-duplicates | Stripe Developers | Page 1

tawdry leafBOT Aug 7, 2023, 5:30 PM

#

serene aurora Aug 7, 2023, 5:31 PM

#

Hi 👋

You can check the fingerprint of the Card object. That will uniquely identify cards and we designed it for just this kind of scenario
https://stripe.com/docs/api/payment_methods/object#payment_method_object-card-fingerprint

tawdry leafBOT Aug 7, 2023, 5:33 PM

#

sleek marsh Aug 7, 2023, 5:33 PM

#

Brilliant! When a user signs up, they add their card details, and then I use "createPaymentMethod" in js to create the payment method using the provided details. This then returns the paymentMethod, which I presume will have the fingerprint on it?

tepid holly Aug 7, 2023, 5:33 PM

#

leyton-card-duplicates

#

fingerprint is not visible client-side

#

you have to retrieve it server-side with a Secret API key, but otherwise yes

sleek marsh Aug 7, 2023, 5:35 PM

#

I see. Okay so lets say I've implemented some endpoint in my server that checks if a credit card has been used before (GET User/IsPaymentMethodUnique or something) , and within that method, I manage the get ahold of this fingerprint, then what? Is there some stripe API endpoint that I can pass the fingerprint to that will detect if it's been re-used? Or is that something I'd have to keep track of myself?

tepid holly Aug 7, 2023, 5:36 PM

#

you keep track of all of this yourself

sleek marsh Aug 7, 2023, 5:37 PM

#

Are there any PCI compliance implications regarding keeping track of card fingerprints?

tepid holly Aug 7, 2023, 5:40 PM

#

no

#

https://stripe.com/docs/security/guide#validating-pci-compliance

#

specifically the section here: https://stripe.com/docs/security/guide#out-of-scope-card-data

#

sleek marsh Aug 7, 2023, 5:41 PM

#

Oh that's great. Thank you very much for your help here, this was exactly what I needed.

#

I'm happy for you to close this thread 🙂

#leyton-card-duplicates