Retrieve Bank Identification Number (BIN)

Overview

For Enterprise clients requiring advanced fraud analysis and optimized treasury routing, the Transaction API now supports returning the unmasked Bank Identification Number (BIN).

The BIN consists of the first 6 digits of the card number. This data is exposed optionally and is strictly governed by a feature flag tied to your account's PCI compliance status (AoC).

Prerequisites & Compliance

By default, the bin field in API responses returns null for all clients to ensure Zero Leakage and strict PCI DSS compliance.

To enable this feature:

Contact Support/Account Manager: You must request the activation of the isBinExposureEnabled flag.
AoC Verification: You must provide a valid Attestation of Compliance (AoC). This feature operates on a "Pull" mechanism and is available only to clients who have demonstrated the ability to handle this data securely.

API Response Update

Once enabled, the bin field will be populated within the transaction object in transaction responses (e.g., GET /v1/transactions).

Response Structure

{
  "id": "tx_123456789",
  "status": "CAPTURED",
  "amount": 100.00,
  "currency": "USD",
  "bin": "412345",
  "paymentInstrument": {
      "method": "payment-card",
      "cardBrand": "visa",
      "last4": "1111"
  }
}

Field Definitions

bin (string | null):
If Enabled: Returns the first 6 digits of the Payment Instrument (e.g., "412345").
If Disabled (Default): Returns null.

Security & Constraints

No Full PAN: Under no circumstances will the full Primary Account Number (PAN) be exposed in this field. Only the standard BIN range (6 digits) is returned.
Audit & Logging: Access to this field is logged internally. Clients are responsible for ensuring that their ingestion of this data complies with their internal PCI DSS scope.

Overview​

Prerequisites & Compliance​

API Response Update​

Response Structure​

Field Definitions​

Security & Constraints​