Anthony Farias Anthony Farias - 4 months ago 26
PHP Question

PayPal vault card data duplicate

I'm implementing PayPal vault in my app. But I noticed that the PayPal API allows to save the card data for different users, even for the same user. Is this normal? is there a way to prevent this from happening?


PayPal currently does not validate credit card information that is stored using the /vault/credit-card call. And is also allowing a single card to be attached with muitiple payers.

You may implement your own rule by checking the input card number (need to take care of PCI on your website as well), and providing a unique payer_id in this case (especially for handling cards of same user)

      "payer_id": "user12345",
      "type": "visa",
      "number": "4417119669820331",
      "expire_month": "11",
      "expire_year": "2018",
      "first_name": "Joe",
      "last_name": "Shopper"

If you included a payer_id when you stored the credit card, you'll need to include that as well when using the stored credit card.