Razorpay Seeks Customer Consent on Behalf of Business
Procedure to follow if you want Razorpay to collect customer consent.
If you do not intend to collect customer consent to save card details on your UI and want Razorpay to collect the consent, follow the steps below.
New cards are cards that have previously not been saved with Razorpay. Follow the steps given below to make changes in the integration code:
You can create customers using the
. Thecustomer_id received in the response should be passed in the Create Payment request.
Use the following code to Create a Payment.
<script src="https://checkout.razorpay.com/v1/razorpay.js"></script><button id="rzp-button1" style="background-color: #3399cc; color: white; font-size: 16px; font-family: sans-serif">Pay</button><script>var razorpay = new Razorpay({key: "<YOUR_KEY_ID>",image: "https://i.imgur.com/n5tjHFD.jpg",name: "Crime Master Gogo",});var data = {amount: 6666,currency: "INR",email: "gaurav.kumar@example.com",order_id: "order_ISsp1ekSCHgoAw",contact: 9123456780,notes: {address: "Ground Floor, SJR Cyber, Laskar Hosur Road, Bengaluru",},customer_id: "cust_1Aa00000000001",save: 1,method: "card",card[number]: '4242424242424242',card[expiry_month]: '11',card[expiry_year]: '23',card[cvv]: '123',card[name]: 'Gaurav Kumar'};document.getElementById("rzp-button1").onclick = function(){razorpay.createPayment(data);razorpay.on("payment.success", function(resp) {alert(resp.razorpay_payment_id)});razorpay.on("payment.error", function(resp){alert(resp.error.description)});}</script>
save
mandatory
integer Determines whether Razorpay should save customer card details as tokens with the card network. Possible values:
1: Razorpay should save customer card details as tokens with the card network.0: Razorpay should not save the card details.
card
mandatory
The details of the card that should be entered while making the payment.
number
string Unformatted card number.
name
string The name of the cardholder.
expiry_month
string Expiry month for card in MM format.
expiry_year
string Expiry year for card in YY format.
cvv
string The card's CVV number.
Handy Tips
- CVV is not required by default for tokenised cards across all networks.
- CVV is optional for tokenised card payments. Do not pass dummy CVV values.
- To implement this change, skip passing the
cvvparameter entirely, or pass anullor empty value in the CVV field. - We recommend removing the CVV field from your checkout UI/UX for tokenised cards.
- If CVV is still collected for tokenised cards and the customer enters a CVV, pass the entered CVV value to Razorpay.
customer_id
mandatory
string Unique identifier of the customer. This can be obtained from the response of the previous step.
Fetch all tokens created for a customer using the API given below.
curl -u [YOUR_KEY_ID]:[YOUR_KEY_SECRET] \-X GET https://api.razorpay.com/v1/customers/:customer_id/tokens
customer_id
string Unique identifier of the customer.
id
string The unique identifier of the Razorpay token.
entity
string The name of the entity. Here, it is token.
method
string The type of saved instrument. In the current use case, the value is card.
card
object The customer card details.
last4
string The last 4 digits of the tokenised card.
network
string The card network. Possible values:
VisaRuPayMasterCardAmerican ExpressDiners ClubBajaj FinservMaestroJCBUnion Pay
issuer
string The 4-character issuer code unique to each issuing bank in India. For example, HDFC, SBIN and so on.
type
string The type of card. Possible values:
creditdebitprepaid
international
boolean Indicates whether the card is international (issued outside India) or domestic. Possible values:
true: The card is international.false: The card is domestic.
emi
boolean Indicates whether the card is eligible for EMI payments or not. Possible values:
true: The card is eligible for EMI payments.false: The card is not eligible for EMI payments.
sub_type
string The card sub_type for the given IIN. Pricing of card payment may change on the basis of card type. Possible values:
consumerbusinessunknown
compliant_with_tokenisation_guidelines
boolean Indicates whether the token is compliant with the RBI guidelines. Possible values:
true: The token is compliant with RBI guidelines.false: The token is not compliant with RBI guidelines.
status
string The overall status for the token. Possible values:
initiated: The token attains this state after Razorpay has received the tokenisation request and is working with token service providers for creating the token.active: The token attains this state if the token is activated for at least one of the token service providers.suspended: The token attains this state if:
- The token is not activated for any one of the token service providers.
- The token is suspended for at least one of the token service providers.deactivated: The token attains this state if the token is not active/suspended for any one of the token service providers and is deactivated for at least one token service provider. Know about the complete list of .
Handy Tips
You can convert a token BIN received in response to an actual BIN using
.Use this API to retrieve card details such as network, issuer and so on for a given token.
customer_id
string Unique identifier of the customer.
token_id
string Unique identifier of the token.
id
string The unique identifier of the Razorpay token.
entity
string The name of the entity. Here, it is token.
method
string The type of saved instrument. In the current use case, the value is card.
card
object The customer card details.
last4
string The last 4 digits of the tokenised card.
network
string The card network. Possible values:
VisaRuPayMasterCardAmerican ExpressDiners ClubBajaj FinservMaestroJCBUnion Pay
issuer
string The 4-character issuer code unique to each issuing bank in India. For example, HDFC, SBIN and so on.
type
string The type of card. Possible values:
creditdebitprepaid
international
boolean Indicates whether the card is international (issued outside India) or domestic. Possible values:
true: The card is international.false: The card is domestic.
emi
boolean Indicates whether the card is eligible for EMI payments or not. Possible values:
true: The card is eligible for EMI payments.false: The card is not eligible for EMI payments.
sub_type
string The card sub_type for the given IIN. Pricing of card payment may change on the basis of card type. Possible values:
consumerbusinessunknown
compliant_with_tokenisation_guidelines
boolean Indicates whether the token is compliant with the RBI guidelines. Possible values:
true: The token is compliant with RBI guidelines.false: The token is not compliant with RBI guidelines.
status
string The overall status for the token. Possible values:
initiated: The token attains this state after Razorpay has received the tokenisation request and is working with token service providers for creating the token.active: The token attains this state if the token is activated for at least one of the token service providers.suspended: The token attains this state if:
- The token is not activated for any one of the token service providers.
- The token is suspended for at least one of the token service providers.deactivated: The token attains this state if the token is not active/suspended for any one of the token service providers and is deactivated for at least one token service provider. Know about the complete list of .
Handy Tips
You can convert a token BIN received in response to an actual BIN using
.After the card is saved, customers can quickly complete the payment for every subsequent online transaction by entering only the cvv. If Razorpay should save the card details, pass the following additional parameters to the Checkout form.
<script src="https://checkout.razorpay.com/v1/razorpay.js"></script><button id="rzp-button1" style="background-color: #3399cc; color: white; font-size: 16px; font-family: sans-serif">Pay</button><script>var razorpay = new Razorpay({key: "<YOUR_KEY_ID>",image: "https://i.imgur.com/n5tjHFD.jpg",name: "Crime Master Gogo",});var data = {amount: 6666,currency: "INR",email: "gaurav.kumar@example.com",order_id: "order_ISsp1ekSCHgoAW",contact: 9123456780,notes: {address: "Ground Floor, SJR Cyber, Laskar Hosur Road, Bengaluru",},customer_id: "cust_1Aa00000000001",token: "token_4zwefDSCC829ma",method: "card",card[cvv]: '123'};document.getElementById("rzp-button1").onclick = function(){razorpay.createPayment(data);razorpay.on("payment.success", function(resp) {alert(resp.razorpay_payment_id)});razorpay.on("payment.error", function(resp){alert(resp.error.description)});}</script>
customer_id
string Unique identifier of the customer.
token
string Unique identifier of the token saved with the card network.
card[cvv]
string CVV of the card.
Handy Tips
- CVV is not required by default for tokenised cards across all networks.
- CVV is optional for tokenised card payments. Do not pass dummy CVV values.
- To implement this change, skip passing the
cvvparameter entirely, or pass anullor empty value in the CVV field. - We recommend removing the CVV field from your checkout UI/UX for tokenised cards.
- If CVV is still collected for tokenised cards and the customer enters a CVV, pass the entered CVV value to Razorpay.
If the customers want to remove the saved cards from their respective accounts, you can use the following API to delete the tokens:
customer_id
string Unique identifier of the customer.
token
string Token of the saved method that needs to be deleted.
Customers can delete their card details. Check this
and follow the on-screen instructions.Existing cards are cards whose details have been previously saved with Razorpay on Razorpay servers.
Existing card details will be saved as network tokens by Razorpay only if:
- The
Collect Consent from Customersfeature is enabled on the Razorpay Dashboard. - The customer provides their consent on the Razorpay webpage. If the customer does not consent, the card details will not be saved.
Integrate with the following API to provide your customers with a user interface to delete their saved tokens.
Is this integration guide useful?