card.io provides fast, easy credit card scanning in mobile apps.
Please be sure to keep your app up to date with the latest version of the SDK. All releases follow semantic versioning.
The latest version is available via mavenCentral()
. Just add the following dependency:
compile 'io.card:android-sdk:5.4.2'
You can receive updates about new versions via a few different channels:
- Follow @cardio (also great to send us feedback)
- Subscribe to our card-io-sdk-announce list.
- "Watch" this GitHub repository
Also be sure to check and post to the Stack Overflow card.io tag.
The information in this guide is enough to get started. For additional details, see our javadoc.
(Note: in the past, developers needed to sign up at the card.io site and obtain an app token
. This is no longer required.)
- Rear-facing camera.
- Android SDK version 8 (Android 2.2) or later.
- armeabi-v7a, arm64-v8, x86, or x86_64 processor.
A manual entry fallback mode is provided for devices that do not meet these requirements.
compile 'io.card:android-sdk:5.4.2'
-
Edit AndroidManifest.xml. We're going to add a few additional items in here:
<uses-sdk android:minSdkVersion="8" />
-
Also in your
<manifest>
element, make sure the following permissions and features are present:<!-- Permission to vibrate - recommended, allows vibration feedback on scan --> <uses-permission android:name="android.permission.VIBRATE" /> <!-- Permission to use camera - required --> <uses-permission android:name="android.permission.CAMERA" /> <!-- Camera features - recommended --> <uses-feature android:name="android.hardware.camera" android:required="false" /> <uses-feature android:name="android.hardware.camera.autofocus" android:required="false" /> <uses-feature android:name="android.hardware.camera.flash" android:required="false" />
-
Within the
<application>
element, add activity entries:<!-- Activities responsible for gathering payment info --> <activity android:name="io.card.payment.CardIOActivity" android:configChanges="keyboardHidden|orientation" /> <activity android:name="io.card.payment.DataEntryActivity" />
First, we'll assume that you're going to launch the scanner from a button,
and that you've set the button's onClick
handler in the layout XML via android:onClick="onScanPress"
.
Then, add the method as:
public void onScanPress(View v) {
Intent scanIntent = new Intent(this, CardIOActivity.class);
// customize these values to suit your needs.
scanIntent.putExtra(CardIOActivity.EXTRA_REQUIRE_EXPIRY, true); // default: false
scanIntent.putExtra(CardIOActivity.EXTRA_REQUIRE_CVV, false); // default: false
scanIntent.putExtra(CardIOActivity.EXTRA_REQUIRE_POSTAL_CODE, false); // default: false
// MY_SCAN_REQUEST_CODE is arbitrary and is only used within this activity.
startActivityForResult(scanIntent, MY_SCAN_REQUEST_CODE);
}
Next, we'll override onActivityResult()
to get the scan result.
@Override
protected void onActivityResult(int requestCode, int resultCode, Intent data) {
super.onActivityResult(requestCode, resultCode, data);
if (requestCode == MY_SCAN_REQUEST_CODE) {
String resultDisplayStr;
if (data != null && data.hasExtra(CardIOActivity.EXTRA_SCAN_RESULT)) {
CreditCard scanResult = data.getParcelableExtra(CardIOActivity.EXTRA_SCAN_RESULT);
// Never log a raw card number. Avoid displaying it, but if necessary use getFormattedCardNumber()
resultDisplayStr = "Card Number: " + scanResult.getRedactedCardNumber() + "\n";
// Do something with the raw number, e.g.:
// myService.setCardNumber( scanResult.cardNumber );
if (scanResult.isExpiryValid()) {
resultDisplayStr += "Expiration Date: " + scanResult.expiryMonth + "/" + scanResult.expiryYear + "\n";
}
if (scanResult.cvv != null) {
// Never log or display a CVV
resultDisplayStr += "CVV has " + scanResult.cvv.length() + " digits.\n";
}
if (scanResult.postalCode != null) {
resultDisplayStr += "Postal Code: " + scanResult.postalCode + "\n";
}
}
else {
resultDisplayStr = "Scan was canceled.";
}
// do something with resultDisplayStr, maybe display it in a textView
// resultTextView.setText(resultDisplayStr);
}
// else handle other activity results
}
- Javadocs are provided in this repo for a complete reference.
- Note: the correct proguard file is automatically imported into your gradle project from the
aar
package. Anyone not using gradle will need to extract the proguard file and add it to their proguard config. - card.io errors and warnings will be logged to the "card.io" tag.
- If upgrading the card.io SDK, first remove all card.io libraries so that you don't accidentally ship obsolete or unnecessary libraries. The bundled libraries may change.
- Processing images can be memory intensive.
- Memory Analysis for Android Applications provides some useful information about how to track and reduce your app's memory useage.
- card.io recommends the use of SSL pinning when transmitting sensitive information to protect against man-in-the-middle attacks.
Please read our contributing guidelines prior to submitting a Pull Request.
Please refer to this repo's license file.