How Reveal works
Reveal sensitive card data in native mobile applications.
The following diagram shows how the Show API works for native mobile applications.
![Show API for native mobile applications](https://files.readme.io/499440f-image.png)
Show API for native mobile applications
- The backend of your application receives a request to display card data.
- Check if the user is allows to see plain text card data.
- Assemble the request with the card and/or CVV tokens mapped to the user and submit the request to PCI Proxy.
- PCI Proxy returns a
transactionId
to your backend, which is valid for 30 minutes and can be consumed once. - Pass on the
transactionId
to the mobile application. - Call the Reveal endpoint with the
transactionId
in the body from the mobile application. - The Reveal API returns plain text card numbers and CVVs to the mobile application.
transactionId
s obtained via the Show API allows access to sensitive data.Do not store them anywhere unless absolutely necessary and consume them as soon as possible.
Updated over 1 year ago