2

I am using the Braintree payment gateway in my web application. I am wondering if I can get user information from it.

I can't save the card details, it's not allowed. But if I need to run another transaction for the same user, can I get his information from Braintree itself and auto-fill in the card details?

VisioN
  • 143,310
  • 32
  • 282
  • 281
Pramod
  • 2,828
  • 6
  • 31
  • 40

2 Answers2

5

I work at Braintree. If you want more information than you can easily get on Stack Overflow, please reach out to our support team.

One of the main advantages of payment gateways like Braintree is that they tokenize credit card information without you having to be exposed to it.

Basically, you use Braintree.js to encrypt the card information in the browser so your server never sees it.

Then, you pass that encrypted information on to Braintree. In return, you get a token like "xg67ba" which you can later use to charge the same card again:

result = Braintree::Transaction.sale(
  :amount => "100.00",
  :customer => {
    :first_name => "Dan",
    :last_name => "Smith"
  },
  :credit_card => {
    :number => "encryped_credit_card_number",
    :expiration_date => "encryped_expiration_date",
    :cvv => "encrypted_cvv"
  },
  :options => {
    :store_in_vault => true
  }
)

result.transaction.customer_details.id
#=> e.g. "131866"
result.transaction.credit_card_details.token
#=> e.g. "f6j8"

So the next time, it would look like:

result = Braintree::Transaction.sale(
  :amount => "10.00",
  :customer_id => "131866",
  :credit_card => {:cvv => 'encrypted_cvv'}
)

Every credit card is associated with a customer, and so if you just want to charge a customer's only / default card, you can just provide the customer id. Getting the cvv from the customer again (which no one is ever allowed to store) is recommended but not required.

agf
  • 171,228
  • 44
  • 289
  • 238
  • is that possible for android app to retrieve card information..? –  Oct 07 '14 at 05:42
  • @Pranav The card information is returned to the server, so you can then do anything with it. Generally, you'll associate it with one of your users so when they're logged in you can let them use the same information again. However, this answer is out of date -- we have a new integration method you can read about at https://developers.braintreepayments.com/ – agf Oct 07 '14 at 16:24
  • Is it okay to expose the payment method token in front-end for making it user-friendly? A good example would be an edit button `Edit` – Ikhlak S. Sep 01 '16 at 11:40
  • @user3284463 If you're verifying on the server side it's OK for that user to edit that token, then yes -- it's OK to show it, but not OK to trust it. – agf Sep 05 '16 at 19:00
1

Once you have customer Id, you can get the Customer details by using following PHP-code.

$customerId = 67222186;  
   try{
       $result = Braintree_Customer::find($customerId); 
      echo $result->id; echo "\n";
      echo $result->firstName; echo "\n";
      echo $result->lastName; echo "\n";
      echo $result->email; echo "\n";
      echo $result->phone; echo "\n";
   }  catch (Exception $e){
    echo $e->getMessage();
  }

http://www.web-technology-experts-notes.in/2015/06/manage-customer-details-in-braintree.html

Poonam Gupta
  • 416
  • 6
  • 8