Class PaymentInstrument
dw.order
Class PaymentInstrument
Base class for payment instrument either stored in the customers profile or related to an order. A payment instrument can be credit card or bank transfer. The object defines standard methods for credit card payment, and can be extended by attributes appropriate for other payment methods.

Note: this class handles sensitive financial and card holder data. Pay special attention to PCI DSS v3. requirements 1, 3, 7, and 9.

Constants
ENCRYPTION_ALGORITHM_RSA  :  String = "RSA"
The outdated encryption algorithm "RSA/ECB/PKCS1Padding". Please do not use anymore!
Deprecated:
Support for this algorithm will be removed in a future release. Please use ENCRYPTION_ALGORITHM_RSA_ECB_OAEPWITHSHA56ANDMGF1PADDING instead.
ENCRYPTION_ALGORITHM_RSA_ECB_OAEPWITHSHA_256ANDMGF1PADDING  :  String = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding"
The encryption algorithm "RSA/ECB/OAEPWithSHA-256AndMGF1Padding".
METHOD_BANK_TRANSFER  :  String = "BANK_TRANSFER"
Represents a bank transfer type of payment.
METHOD_BML  :  String = "BML"
Represents a 'bill me later' type of payment.
METHOD_CREDIT_CARD  :  String = "CREDIT_CARD"
Represents a credit card type of payment.
METHOD_DW_ANDROID_PAY  :  String = "DW_ANDROID_PAY"
Represents an Android Pay payment.
METHOD_DW_APPLE_PAY  :  String = "DW_APPLE_PAY"
Represents an Apple Pay payment.
METHOD_GIFT_CERTIFICATE  :  String = "GIFT_CERTIFICATE"
Represents a gift certificate.
Properties
bankAccountDriversLicense  :  String
The driver's license number associated with the bank account if the calling context meets the following criteria:
  • If the instance is a CustomerPaymentInstrument, and we are in the context of a storefront request, and the current customer is registered and authenticated, and the payment instrument is associated to the profile of the current customer, and the current protocol is HTTPS
  • If the instance is a OrderPaymentInstrumentInfo, and we are in the context of a storefront request, and the current customer is identical to the customer related to the basket, and the current protocol is HTTPS
  • If the instance is a OrderPaymentInstrumentInfo, and we are in the context of a business manager request, and the current user has the permission MANAGE_ORDERS
  • If the instance is a OrderPaymentInstrumentInfo, and the account information has not been masked as a result of the data retention security policy for the site

Otherwise, the method returns the masked driver's license number. If a basket is reopened with OrderMgr.failOrder(Order, Boolean), it always masks sensitive information because during order creation, basket payment information is permanently masked.

bankAccountDriversLicenseLastDigits  :  String  (Read Only)
The last 4 characters of the decrypted driver's license number of the bank account associated with this PaymentInstrument. If the number is empty or null it will be returned without an exception.
bankAccountDriversLicenseStateCode  :  String
The driver's license state code associated with a bank account payment instrument. Returns null for other payment methods.
bankAccountHolder  :  String
The full name of the holder of a bank account payment instrument. Returns null for other payment methods.
bankAccountNumber  :  String
The bank account number if the calling context meets the following criteria:
  • If the instance is a CustomerPaymentInstrument, and we are in the context of a storefront request, and the current customer is registered and authenticated, and the payment instrument is associated to the profile of the current customer, and the current protocol is HTTPS
  • If the instance is a OrderPaymentInstrumentInfo, and we are in the context of a storefront request, and the current customer is identical to the customer related to the basket, and the current protocol is HTTPS
  • If the instance is a OrderPaymentInstrumentInfo, and we are in the context of a business manager request, and the current user has the permission MANAGE_ORDERS
  • If the instance is a OrderPaymentInstrumentInfo, and the account information has not been masked as a result of the data retention security policy for the site

Otherwise, the method returns the masked bank account number. If a basket is reopened with OrderMgr.failOrder(Order, Boolean), it always masks sensitive information because during order creation, basket payment information is permanently masked.

bankAccountNumberLastDigits  :  String  (Read Only)
The last 4 characters of the decrypted bank account number. If the number is empty or null, it will be returned without an exception.
bankRoutingNumber  :  String
The bank routing number of a bank account payment instrument. Returns null for other payment methods. If account information has been masked due to the data retention security policy for the site, the return value is fully masked.
creditCardExpirationMonth  :  Number
The month of the year in which the credit card expires (1-12).
creditCardExpirationYear  :  Number
The year in which the credit card expires, such as '2004'.
creditCardExpired  :  boolean  (Read Only)
Returns true if this payment instrument represents an expired credit card. This check is only logical if the credit card expiration month and year are set. If either of these attributes are not set, then this method always returns false.
creditCardHolder  :  String
The name of the credit card owner.
creditCardIssueNumber  :  String
The credit card issue number. This attribute is only used by specific credit/debit card processors such as Solo and Switch in the UK.
creditCardNumber  :  String
The decrypted credit card number if the calling context meets the following criteria:
  • If the instance is a CustomerPaymentInstrument, and we are in the context of a storefront request, and the current customer is registered and authenticated, and the payment instrument is associated to the profile of the current customer, and the current protocol is HTTPS
  • If the instance is a OrderPaymentInstrument in the context of a storefront request, and the current authenticated customer is referenced by the basket or order, and the current protocol is HTTPS.
  • If the customer is anonymous, and the customer is referenced by the order, and the protocol is secure and the order status is CREATED.
  • If the instance is a OrderPaymentInstrument, and we are in the context of a business manager request, and the current user has the permission MANAGE_ORDERS
  • If the instance is a OrderPaymentInstrument, and the account information has not been masked as a result of the data retention security policy for the site

Otherwise, the method returns the masked credit card number. If a basket is reopened with OrderMgr.failOrder(Order, Boolean), it always masks sensitive information because during order creation, basket payment information is permanently masked.

creditCardNumberLastDigits  :  String  (Read Only)
The last 4 characters of the decrypted credit card number. If the number is empty or null it will be returned without an exception.
creditCardToken  :  String
Secure credit card data can be replaced by a token by utilizing a tokenization provider, which securely stores the credit card data using the token as a key. The stored data can later reused by including the token in a request. In this way credit card processes such as authorization and capture can be implemented without being responsible for persisting the credit card data.
creditCardType  :  String
The type of the credit card.
creditCardValidFromMonth  :  Number
The month of the year in which the credit card became valid (1-12). This attribute is not used by all credit card types.
creditCardValidFromYear  :  Number
The year in which the credit card became valid, such as '2001'. This attribute is not used by all credit card types.
giftCertificateCode  :  String
The Gift Certificate code for this Payment Instrument.
giftCertificateID  :  String
The Gift Certificate ID for this Payment Instrument.
Deprecated:
maskedBankAccountDriversLicense  :  String  (Read Only)
The decrypted driver's license number of the bank account with all but the last 4 characters replaced with a '*' character. If the driver's license number is empty, it will be returned without an exception.
maskedBankAccountNumber  :  String  (Read Only)
The decrypted bank account number with all but the last 4 characters replaced with a '*' character. If the number is empty (i.e. "" or null), it will be returned without an exception.
maskedCreditCardNumber  :  String  (Read Only)
The decrypted credit card number with all but the last 4 characters replaced with a '*' character. If the number is empty, it will be returned without an exception.
maskedGiftCertificateCode  :  String  (Read Only)
The masked gift certificate code with all but the last 4 characters replaced with a '*' character.
paymentMethod  :  String  (Read Only)
The identifier of the payment method represented by this payment instrument.
permanentlyMasked  :  boolean  (Read Only)
Returns true if the account information for this Payment Instrument has been permanently masked as a result of the data retention security policy for the site or a creditcard tokenization, and false otherwise. When account information is masked only the last 4 digits of the credit card or bank account number are recoverable. The bank account driver's license number and bank routing number are completely masked.
Constructor Summary
This class does not have a constructor, so you cannot create it directly. To get an instance of this class, use one of the subclass constructors.
Method Summary
getBankAccountDriversLicense() : String
Returns the driver's license number associated with the bank account if the calling context meets the following criteria:
  • If the instance is a CustomerPaymentInstrument, and we are in the context of a storefront request, and the current customer is registered and authenticated, and the payment instrument is associated to the profile of the current customer, and the current protocol is HTTPS
  • If the instance is a OrderPaymentInstrumentInfo, and we are in the context of a storefront request, and the current customer is identical to the customer related to the basket, and the current protocol is HTTPS
  • If the instance is a OrderPaymentInstrumentInfo, and we are in the context of a business manager request, and the current user has the permission MANAGE_ORDERS
  • If the instance is a OrderPaymentInstrumentInfo, and the account information has not been masked as a result of the data retention security policy for the site

Otherwise, the method returns the masked driver's license number.

getBankAccountDriversLicenseLastDigits() : String
Returns the last 4 characters of the decrypted driver's license number of the bank account associated with this PaymentInstrument.
getBankAccountDriversLicenseLastDigits(count : Number) : String
Returns the last specified number of characters of the decrypted driver's license number of the bank account associated with this PaymentInstrument.
getBankAccountDriversLicenseStateCode() : String
Returns the driver's license state code associated with a bank account payment instrument.
getBankAccountHolder() : String
Returns the full name of the holder of a bank account payment instrument.
getBankAccountNumber() : String
Returns the bank account number if the calling context meets the following criteria:
  • If the instance is a CustomerPaymentInstrument, and we are in the context of a storefront request, and the current customer is registered and authenticated, and the payment instrument is associated to the profile of the current customer, and the current protocol is HTTPS
  • If the instance is a OrderPaymentInstrumentInfo, and we are in the context of a storefront request, and the current customer is identical to the customer related to the basket, and the current protocol is HTTPS
  • If the instance is a OrderPaymentInstrumentInfo, and we are in the context of a business manager request, and the current user has the permission MANAGE_ORDERS
  • If the instance is a OrderPaymentInstrumentInfo, and the account information has not been masked as a result of the data retention security policy for the site

Otherwise, the method returns the masked bank account number.

getBankAccountNumberLastDigits() : String
Returns the last 4 characters of the decrypted bank account number.
getBankAccountNumberLastDigits(count : Number) : String
Returns the last specified number of characters of the decrypted bank account card number.
getBankRoutingNumber() : String
Returns the bank routing number of a bank account payment instrument.
getCreditCardExpirationMonth() : Number
Returns the month of the year in which the credit card expires (1-12).
getCreditCardExpirationYear() : Number
Returns the year in which the credit card expires, such as '2004'.
getCreditCardHolder() : String
Returns the name of the credit card owner.
getCreditCardIssueNumber() : String
Returns the credit card issue number.
getCreditCardNumber() : String
Returns the decrypted credit card number if the calling context meets the following criteria:
  • If the instance is a CustomerPaymentInstrument, and we are in the context of a storefront request, and the current customer is registered and authenticated, and the payment instrument is associated to the profile of the current customer, and the current protocol is HTTPS
  • If the instance is a OrderPaymentInstrument in the context of a storefront request, and the current authenticated customer is referenced by the basket or order, and the current protocol is HTTPS.
getCreditCardNumberLastDigits() : String
Returns the last 4 characters of the decrypted credit card number.
getCreditCardNumberLastDigits(count : Number) : String
Returns the last specified number of characters of the decrypted credit card number.
getCreditCardToken() : String
Secure credit card data can be replaced by a token by utilizing a tokenization provider, which securely stores the credit card data using the token as a key.
getCreditCardType() : String
Returns the type of the credit card.
getCreditCardValidFromMonth() : Number
Returns the month of the year in which the credit card became valid (1-12).
getCreditCardValidFromYear() : Number
Returns the year in which the credit card became valid, such as '2001'.
getEncryptedBankAccountDriversLicense(algorithm : String, publicKey : String) : String
Encrypts the driver's license number of the bank account of this object with the given algorithm and the given public key.
getEncryptedBankAccountNumber(algorithm : String, publicKey : String) : String
Encrypts the bank account number of this object with the given algorithm and the given public key.
getEncryptedCreditCardNumber(algorithm : String, publicKey : String) : String
Encrypts the credit card number of this object with the given algorithm and the given public key.
getEncryptedCreditCardNumber(algorithm : String, certificateRef : CertificateRef) : String
Encrypts the credit card number of this object with the given algorithm and the public key taken from a certificate in the keystore.
getGiftCertificateCode() : String
Returns the Gift Certificate code for this Payment Instrument.
getGiftCertificateID() : String
Returns the Gift Certificate ID for this Payment Instrument.
getMaskedBankAccountDriversLicense() : String
Returns the decrypted driver's license number of the bank account with all but the last 4 characters replaced with a '*' character.
getMaskedBankAccountDriversLicense(ignore : Number) : String
Returns the decrypted driver's license number of the bank account with all but the specified number characters replaced with a '*' character.
getMaskedBankAccountNumber() : String
Returns the decrypted bank account number with all but the last 4 characters replaced with a '*' character.
getMaskedBankAccountNumber(ignore : Number) : String
Returns the decrypted bank account number with all but the specified number characters replaced with a '*' character.
getMaskedCreditCardNumber() : String
Returns the decrypted credit card number with all but the last 4 characters replaced with a '*' character.
getMaskedCreditCardNumber(ignore : Number) : String
Returns the decrypted credit card number with all but the specified number characters replaced with a '*' character.
getMaskedGiftCertificateCode() : String
Returns the masked gift certificate code with all but the last 4 characters replaced with a '*' character.
getMaskedGiftCertificateCode(ignore : Number) : String
Returns the masked gift certificate code with all but the specified number of characters replaced with a '*' character.
getPaymentMethod() : String
Returns the identifier of the payment method represented by this payment instrument.
isCreditCardExpired() : boolean
Returns true if this payment instrument represents an expired credit card.
isPermanentlyMasked() : boolean
Returns true if the account information for this Payment Instrument has been permanently masked as a result of the data retention security policy for the site or a creditcard tokenization, and false otherwise.
setBankAccountDriversLicense(license : String) : void
Set the driver's license number associated with a bank account payment instrument.
setBankAccountDriversLicenseStateCode(stateCode : String) : void
Set the driver's license state code associated with a bank account payment instrument.
setBankAccountHolder(holder : String) : void
Set the full name of the holder of a bank account payment instrument.
setBankAccountNumber(accountNumber : String) : void
Set the bank account number of a bank account payment instrument.
setBankRoutingNumber(routingNumber : String) : void
Set the bank routing number of a bank account payment instrument.
setCreditCardExpirationMonth(aValue : Number) : void
Sets the month of the year in which the credit card expires.
setCreditCardExpirationYear(aValue : Number) : void
Sets the year in which the credit card expires, such as '2004'.
setCreditCardHolder(aValue : String) : void
Sets the name of the credit card owner.
setCreditCardIssueNumber(aValue : String) : void
Set the credit card issue number.
setCreditCardNumber(aValue : String) : void
Sets the credit card number for this payment.
setCreditCardToken(token : String) : void
Secure credit card data can be replaced by a token by utilizing a tokenization provider, which securely stores the credit card data using the token as a key.
setCreditCardType(aValue : String) : void
Sets the type of the credit card.
setCreditCardValidFromMonth(aValue : Number) : void
Sets the month of the year in which the credit card became valid (1-12).
setCreditCardValidFromYear(aValue : Number) : void
Sets the year in which the credit card became valid, such as '2001'.
setGiftCertificateCode(giftCertificateCode : String) : void
Sets the Gift Certificate code for this Payment Instrument.
setGiftCertificateID(giftCertificateID : String) : void
Sets the Gift Certificate ID for this Payment Instrument.
Methods inherited from class ExtensibleObject
Methods inherited from class PersistentObject
Method Detail
getBankAccountDriversLicense
getBankAccountDriversLicense() : String
Returns the driver's license number associated with the bank account if the calling context meets the following criteria:
  • If the instance is a CustomerPaymentInstrument, and we are in the context of a storefront request, and the current customer is registered and authenticated, and the payment instrument is associated to the profile of the current customer, and the current protocol is HTTPS
  • If the instance is a OrderPaymentInstrumentInfo, and we are in the context of a storefront request, and the current customer is identical to the customer related to the basket, and the current protocol is HTTPS
  • If the instance is a OrderPaymentInstrumentInfo, and we are in the context of a business manager request, and the current user has the permission MANAGE_ORDERS
  • If the instance is a OrderPaymentInstrumentInfo, and the account information has not been masked as a result of the data retention security policy for the site

Otherwise, the method returns the masked driver's license number. If a basket is reopened with OrderMgr.failOrder(Order, Boolean), it always masks sensitive information because during order creation, basket payment information is permanently masked.

Returns:
the driver's license number if the calling context meets the necessary criteria.

getBankAccountDriversLicenseLastDigits
getBankAccountDriversLicenseLastDigits() : String
Returns the last 4 characters of the decrypted driver's license number of the bank account associated with this PaymentInstrument. If the number is empty or null it will be returned without an exception.
Returns:
the last 4 characters of the de-crypted driver's license number.

getBankAccountDriversLicenseLastDigits
getBankAccountDriversLicenseLastDigits(count : Number) : String
Returns the last specified number of characters of the decrypted driver's license number of the bank account associated with this PaymentInstrument. If the number is empty (i.e. "" or null), it will be returned without an exception. Note that count is limited to 4 in an unsecure environment, and if account information for this payment instrument has been masked due to the data retention security policy for the site.
Parameters:
count - number of characters to be returned.
Returns:
the last specified number of characters of the decrypted driver's license number.

getBankAccountDriversLicenseStateCode
getBankAccountDriversLicenseStateCode() : String
Returns the driver's license state code associated with a bank account payment instrument. Returns null for other payment methods.
Returns:
the state in which the bank account driver's license was issued.

getBankAccountHolder
getBankAccountHolder() : String
Returns the full name of the holder of a bank account payment instrument. Returns null for other payment methods.
Returns:
the bank account holder's full name.

getBankAccountNumber
getBankAccountNumber() : String
Returns the bank account number if the calling context meets the following criteria:
  • If the instance is a CustomerPaymentInstrument, and we are in the context of a storefront request, and the current customer is registered and authenticated, and the payment instrument is associated to the profile of the current customer, and the current protocol is HTTPS
  • If the instance is a OrderPaymentInstrumentInfo, and we are in the context of a storefront request, and the current customer is identical to the customer related to the basket, and the current protocol is HTTPS
  • If the instance is a OrderPaymentInstrumentInfo, and we are in the context of a business manager request, and the current user has the permission MANAGE_ORDERS
  • If the instance is a OrderPaymentInstrumentInfo, and the account information has not been masked as a result of the data retention security policy for the site

Otherwise, the method returns the masked bank account number. If a basket is reopened with OrderMgr.failOrder(Order, Boolean), it always masks sensitive information because during order creation, basket payment information is permanently masked.

Returns:
the bank account number if the calling context meets the necessary criteria.

getBankAccountNumberLastDigits
getBankAccountNumberLastDigits() : String
Returns the last 4 characters of the decrypted bank account number. If the number is empty or null, it will be returned without an exception.
Returns:
the last 4 characters of the decrypted bank account number.

getBankAccountNumberLastDigits
getBankAccountNumberLastDigits(count : Number) : String
Returns the last specified number of characters of the decrypted bank account card number. If the number is empty (i.e. "" or null), it will be returned without an exception. Note that count is limited to 4 in an unsecure environment, and if account information for this payment instrument has been masked due to the data retention security policy for the site.
Parameters:
count - number of characters to be returned.
Returns:
the last specified characters of the decrypted bank account number.

getBankRoutingNumber
getBankRoutingNumber() : String
Returns the bank routing number of a bank account payment instrument. Returns null for other payment methods. If account information has been masked due to the data retention security policy for the site, the return value is fully masked.
Returns:
the bank account rounting number.

getCreditCardExpirationMonth
getCreditCardExpirationMonth() : Number
Returns the month of the year in which the credit card expires (1-12).
Returns:
the month of the year in which the credit card expires (1-12).

getCreditCardExpirationYear
getCreditCardExpirationYear() : Number
Returns the year in which the credit card expires, such as '2004'.
Returns:
the year in which the credit card expires.

getCreditCardHolder
getCreditCardHolder() : String
Returns the name of the credit card owner.
Returns:
the name of the credit card owner.

getCreditCardIssueNumber
getCreditCardIssueNumber() : String
Returns the credit card issue number. This attribute is only used by specific credit/debit card processors such as Solo and Switch in the UK.
Returns:
the credit card issue number

getCreditCardNumber
getCreditCardNumber() : String
Returns the decrypted credit card number if the calling context meets the following criteria:
  • If the instance is a CustomerPaymentInstrument, and we are in the context of a storefront request, and the current customer is registered and authenticated, and the payment instrument is associated to the profile of the current customer, and the current protocol is HTTPS
  • If the instance is a OrderPaymentInstrument in the context of a storefront request, and the current authenticated customer is referenced by the basket or order, and the current protocol is HTTPS.
  • If the customer is anonymous, and the customer is referenced by the order, and the protocol is secure and the order status is CREATED.
  • If the instance is a OrderPaymentInstrument, and we are in the context of a business manager request, and the current user has the permission MANAGE_ORDERS
  • If the instance is a OrderPaymentInstrument, and the account information has not been masked as a result of the data retention security policy for the site

Otherwise, the method returns the masked credit card number. If a basket is reopened with OrderMgr.failOrder(Order, Boolean), it always masks sensitive information because during order creation, basket payment information is permanently masked.

Returns:
the decrypted credit card number if the calling context meets the necessary criteria.

getCreditCardNumberLastDigits
getCreditCardNumberLastDigits() : String
Returns the last 4 characters of the decrypted credit card number. If the number is empty or null it will be returned without an exception.
Returns:
the last 4 characters of the de-crypted credit card number.

getCreditCardNumberLastDigits
getCreditCardNumberLastDigits(count : Number) : String
Returns the last specified number of characters of the decrypted credit card number. If the number is empty (i.e. "" or null), it will be returned without an exception. Note that count is limited to 4 in an unsecure environment, and if account information for this payment instrument has been masked due to the data retention security policy for the site.
Parameters:
count - number of characters to be returned.
Returns:
the last specified number of characters of the decrypted credit card number.

getCreditCardToken
getCreditCardToken() : String
Secure credit card data can be replaced by a token by utilizing a tokenization provider, which securely stores the credit card data using the token as a key. The stored data can later reused by including the token in a request. In this way credit card processes such as authorization and capture can be implemented without being responsible for persisting the credit card data.
Returns:
the token

getCreditCardType
getCreditCardType() : String
Returns the type of the credit card.
Returns:
the type of the credit card.

getCreditCardValidFromMonth
getCreditCardValidFromMonth() : Number
Returns the month of the year in which the credit card became valid (1-12). This attribute is not used by all credit card types.
Returns:
the month of the year in which the credit card became valid (1-12).

getCreditCardValidFromYear
getCreditCardValidFromYear() : Number
Returns the year in which the credit card became valid, such as '2001'. This attribute is not used by all credit card types.
Returns:
the year in which the credit card became valid

getEncryptedBankAccountDriversLicense
getEncryptedBankAccountDriversLicense(algorithm : String, publicKey : String) : String
Encrypts the driver's license number of the bank account of this object with the given algorithm and the given public key. Returned is the Base64 encoded representation of the result.

See also Cipher.encrypt(String, String, String, String, Number) on how to generate RSA key pairs.

If account information has been masked due to the data retention security policy for the site, the returned value is the Base64 encoded representation of the encrypted form of the masked number.

Parameters:
algorithm - The algorithm to be used for the encryption of this credit card number. Must be a valid, non-null algorithm. Currently, only the following algorithms are supported:
publicKey - A Base64 encoded form of the public key to be used to encrypt this bank account driver's license number. Must be a valid, non-blank key.
Returns:
the Base64 encoded representation of the bank account driver's license.
Throws:
IllegalArgumentException - If algorithm is not a valid known algorithm.
IllegalArgumentException - If publicKey is a null, empty or blank string.

getEncryptedBankAccountNumber
getEncryptedBankAccountNumber(algorithm : String, publicKey : String) : String
Encrypts the bank account number of this object with the given algorithm and the given public key. Returned is the Base64 encoded representation of the result.

If account information has been masked due to the data retention security policy for the site, the returned value is the Base64 encoded representation of the encrypted form of the masked number.

Parameters:
algorithm - The algorithm to be used for the encryption of this credit card number. Must be a valid, non-null algorithm. Currently, only the following algorithms are supported:
publicKey - A Base64 encoded form of the public key to be used to encrypt this credit card number. Must be a valid, non-blank key.
Returns:
the Base64 encoded representation of the bank account number.
Throws:
IllegalArgumentException - If algorithm is not a valid known algorithm.
IllegalArgumentException - If publicKey is a null, empty or blank string.

getEncryptedCreditCardNumber
getEncryptedCreditCardNumber(algorithm : String, publicKey : String) : String
Encrypts the credit card number of this object with the given algorithm and the given public key. Returned is the Base64 encoded representation of the result.

See also Cipher.encrypt(String, String, String, String, Number) on how to generate RSA key pairs.

If account information has been masked due to the data retention security policy for the site, the returned value is the Base64 encoded representation of the encrypted form of the masked number.

Parameters:
algorithm - The algorithm to be used for the encryption of this credit card number. Must be a valid, non-null algorithm. Currently, only the following algorithms are supported:
publicKey - A Base64 encoded form of the public key to be used to encrypt this credit card number. Must be a valid, non-blank key.
Returns:
the Base64 encoded representation of the credit card number.
Throws:
IllegalArgumentException - If algorithm is not a valid known algorithm.
IllegalArgumentException - If publicKey is a null, empty or blank string.

getEncryptedCreditCardNumber
getEncryptedCreditCardNumber(algorithm : String, certificateRef : CertificateRef) : String
Encrypts the credit card number of this object with the given algorithm and the public key taken from a certificate in the keystore. Returned is the Base64 encoded representation of the result.

See also Cipher.encrypt(String, CertificateRef, String, String, Number) on how to generate RSA key pairs.

If account information has been masked due to the data retention security policy for the site, the returned value is the Base64 encoded representation of the encrypted form of the masked number.

Parameters:
algorithm - The algorithm to be used for the encryption of this credit card number. Must be a valid, non-null algorithm. Currently, only the following algorithms are supported:
certificateRef - A reference to a trusted certificate entry containing the public key in the keystore. Must be non-null.
Returns:
the Base64 encoded representation of the credit card number.
Throws:
IllegalArgumentException - If algorithm is not a valid known algorithm.
IllegalArgumentException - If certificateRef is null or could not be found.

getGiftCertificateCode
getGiftCertificateCode() : String
Returns the Gift Certificate code for this Payment Instrument.
Returns:
the Gift Certificate code or null if not set.

getGiftCertificateID
getGiftCertificateID() : String
Returns the Gift Certificate ID for this Payment Instrument.
Deprecated:
Returns:
the Gift Certificate ID or null if not set.

getMaskedBankAccountDriversLicense
getMaskedBankAccountDriversLicense() : String
Returns the decrypted driver's license number of the bank account with all but the last 4 characters replaced with a '*' character. If the driver's license number is empty, it will be returned without an exception.
Returns:
the decrypted driver's license number with all but the last 4 characters replaced with a '*' character.

getMaskedBankAccountDriversLicense
getMaskedBankAccountDriversLicense(ignore : Number) : String
Returns the decrypted driver's license number of the bank account with all but the specified number characters replaced with a '*' character. If the driver's license number is empty (i.e. "" or null), it will be returned without an exception. Note that ignore is limited to 4 in an unsecure environment, and if account information for this payment instrument has been masked due to the data retention security policy for the site.
Parameters:
ignore - the number of characters to leave unmasked.
Returns:
the decrypted driver's license number with all but the specified number characters replaced with a '*' character.

getMaskedBankAccountNumber
getMaskedBankAccountNumber() : String
Returns the decrypted bank account number with all but the last 4 characters replaced with a '*' character. If the number is empty (i.e. "" or null), it will be returned without an exception.
Returns:
the decrypted bank account number with all but the last 4 characters replaced with a '*' character.

getMaskedBankAccountNumber
getMaskedBankAccountNumber(ignore : Number) : String
Returns the decrypted bank account number with all but the specified number characters replaced with a '*' character. If the card number is empty (i.e. "" or null), it will be returned without an exception. Note that ignore is limited to 4 in an unsecure environment, and if account information for this payment instrument has been masked due to the data retention security policy for the site.
Parameters:
ignore - the number of characters to leave unmasked
Returns:
the decrypted bank account number with all but the specified number of characters replaced with a '*' character.

getMaskedCreditCardNumber
getMaskedCreditCardNumber() : String
Returns the decrypted credit card number with all but the last 4 characters replaced with a '*' character. If the number is empty, it will be returned without an exception.
Returns:
the decrypted credit card number with all but the last 4 characters replaced with a '*' character.

getMaskedCreditCardNumber
getMaskedCreditCardNumber(ignore : Number) : String
Returns the decrypted credit card number with all but the specified number characters replaced with a '*' character. If the card number is empty (i.e. "" or null), it will be returned without an exception. Note that ignore is limited to 4 in an unsecure environment, and if account information for this payment instrument has been masked due to the data retention security policy for the site.
Parameters:
ignore - the number of characters to leave unmasked.
Returns:
the decrypted credit card number with all but the specified number characters replaced with a '*' character.

getMaskedGiftCertificateCode
getMaskedGiftCertificateCode() : String
Returns the masked gift certificate code with all but the last 4 characters replaced with a '*' character.
Returns:
the masked gift certificate code.

getMaskedGiftCertificateCode
getMaskedGiftCertificateCode(ignore : Number) : String
Returns the masked gift certificate code with all but the specified number of characters replaced with a '*' character.
Parameters:
ignore - the number of characters to leave unmasked.
Returns:
the masked gift certificate code.
Throws:
IllegalArgumentException - if ignore is negative.

getPaymentMethod
getPaymentMethod() : String
Returns the identifier of the payment method represented by this payment instrument.
Returns:
the identifier of the payment method represented by this payment instrument.

isCreditCardExpired
isCreditCardExpired() : boolean
Returns true if this payment instrument represents an expired credit card. This check is only logical if the credit card expiration month and year are set. If either of these attributes are not set, then this method always returns false.
Returns:
true if this payment instrument represents an expired credit card, false otherwise

isPermanentlyMasked
isPermanentlyMasked() : boolean
Returns true if the account information for this Payment Instrument has been permanently masked as a result of the data retention security policy for the site or a creditcard tokenization, and false otherwise. When account information is masked only the last 4 digits of the credit card or bank account number are recoverable. The bank account driver's license number and bank routing number are completely masked.
Returns:
whether or not the account information has been masked

setBankAccountDriversLicense
setBankAccountDriversLicense(license : String) : void
Set the driver's license number associated with a bank account payment instrument.
Parameters:
license - the bank account holder driver's license.

setBankAccountDriversLicenseStateCode
setBankAccountDriversLicenseStateCode(stateCode : String) : void
Set the driver's license state code associated with a bank account payment instrument.
Parameters:
stateCode - the state in which the bank account driver's license was issued.

setBankAccountHolder
setBankAccountHolder(holder : String) : void
Set the full name of the holder of a bank account payment instrument.
Parameters:
holder - the bank account holder's full name.

setBankAccountNumber
setBankAccountNumber(accountNumber : String) : void
Set the bank account number of a bank account payment instrument.
Parameters:
accountNumber - the bank account number.

setBankRoutingNumber
setBankRoutingNumber(routingNumber : String) : void
Set the bank routing number of a bank account payment instrument.
Parameters:
routingNumber - the bank account rounting number.

setCreditCardExpirationMonth
setCreditCardExpirationMonth(aValue : Number) : void
Sets the month of the year in which the credit card expires. Permissible values are from 1 to 12.
Parameters:
aValue - the month of the year in which the credit card expires. Permissible values are from 1 to 12.

setCreditCardExpirationYear
setCreditCardExpirationYear(aValue : Number) : void
Sets the year in which the credit card expires, such as '2004'.
Parameters:
aValue - the year in which the credit card expires.

setCreditCardHolder
setCreditCardHolder(aValue : String) : void
Sets the name of the credit card owner.
Parameters:
aValue - the name of the credit card owner.

setCreditCardIssueNumber
setCreditCardIssueNumber(aValue : String) : void
Set the credit card issue number. This attribute is only used by specific credit/debit card processors such as Solo and Switch in the UK.
Parameters:
aValue - the credit card issue number

setCreditCardNumber
setCreditCardNumber(aValue : String) : void
Sets the credit card number for this payment.
Parameters:
aValue - the new value of the credit card number.

setCreditCardToken
setCreditCardToken(token : String) : void
Secure credit card data can be replaced by a token by utilizing a tokenization provider, which securely stores the credit card data using the token as a key. The stored data can later reused by including the token in a request. In this way credit card processes such as authorization and capture can be implemented without being responsible for persisting the credit card data.

An Exception will be thrown when the token is null or blank.

When setting a credit card token, the account information (including the creditcard number) is masked and all creditcard attributes are frozen and an attempt to change will be result in an exception.

Parameters:
token - the token

setCreditCardType
setCreditCardType(aValue : String) : void
Sets the type of the credit card.
Parameters:
aValue - the type of the credit card.

setCreditCardValidFromMonth
setCreditCardValidFromMonth(aValue : Number) : void
Sets the month of the year in which the credit card became valid (1-12). This attribute is not used by all credit card types
Parameters:
aValue - the month of the year in which the credit card became valid (1-12).

setCreditCardValidFromYear
setCreditCardValidFromYear(aValue : Number) : void
Sets the year in which the credit card became valid, such as '2001'. This attribute is not used by all credit card types.
Parameters:
aValue - the year in which the credit card became valid

setGiftCertificateCode
setGiftCertificateCode(giftCertificateCode : String) : void
Sets the Gift Certificate code for this Payment Instrument.
Parameters:
giftCertificateCode - the Gift Certificate code.

setGiftCertificateID
setGiftCertificateID(giftCertificateID : String) : void
Sets the Gift Certificate ID for this Payment Instrument.
Parameters:
giftCertificateID - the Gift Certificate ID.