Card ValidatorCard Validator API

OnlineCredit Usage:1 per callRefreshed 1 month ago
avg: 809ms|p50: 756ms|p75: 845ms|p90: 951ms|p99: 1165ms

Overview

To use Card Validator, you need an API key. You can get one by creating a free account and visiting your dashboard.

GET Endpoint

URL
https://api.apiverve.com/v1/cardvalidator

Example

How to call the Card Validator API in different programming languages.

cURL Request
curl -X GET \
  "https://api.apiverve.com/v1/cardvalidator?number=4900264223817524" \
  -H "X-API-Key: your_api_key_here"
JavaScript (Fetch API)
const response = await fetch('https://api.apiverve.com/v1/cardvalidator?number=4900264223817524', {
  method: 'GET',
  headers: {
    'X-API-Key': 'your_api_key_here',
    'Content-Type': 'application/json'
  }
});

const data = await response.json();
console.log(data);
Python (Requests)
import requests

headers = {
    'X-API-Key': 'your_api_key_here',
    'Content-Type': 'application/json'
}

response = requests.get('https://api.apiverve.com/v1/cardvalidator?number=4900264223817524', headers=headers)

data = response.json()
print(data)
Go (net/http)
package main

import (
    "fmt"
    "io"
    "net/http"

)

func main() {
    req, _ := http.NewRequest("GET", "https://api.apiverve.com/v1/cardvalidator?number=4900264223817524", nil)

    req.Header.Set("X-API-Key", "your_api_key_here")
    req.Header.Set("Content-Type", "application/json")

    client := &http.Client{}
    resp, err := client.Do(req)
    if err != nil {
        panic(err)
    }
    defer resp.Body.Close()

    body, _ := io.ReadAll(resp.Body)
    fmt.Println(string(body))
}
Example Response
{
  "status": "ok",
  "error": null,
  "data": {
    "card": {
      "niceType": "Visa",
      "type": "visa",
      "patterns": [
        4
      ],
      "gaps": [
        4,
        8,
        12
      ],
      "lengths": [
        16,
        18,
        19
      ],
      "code": {
        "name": "CVV",
        "size": 3
      },
      "matchStrength": 1
    },
    "brand": "Visa",
    "cardNumber": "4900264223817524",
    "bin": "490026",
    "last4": "7524",
    "isValid": true,
    "isPotentiallyValid": true,
    "isTestCard": false,
    "riskScore": 0,
    "riskLevel": "low"
  }
}

Authentication

The Card Validator API requires authentication via API key. Include your API key in the request header:

Required Header
X-API-Key: your_api_key_here

Learn more about authentication →

Interactive API Playground

Test the Card Validator API directly in your browser with live requests and responses.

Parameters

The following parameters are available for the Card Validator API:

Validate Card Number

ParameterTypeRequiredDescriptionDefaultExample
numberstringrequired
The card number to validate
Length: 13 - 19 chars
-4900264223817524

Response

The Card Validator API returns responses in JSON, XML, YAML, and CSV formats. The JSON response is shown in the Example section above; alternative formats below.

Other Response Formats

XML Response
200 OK
<?xml version="1.0" encoding="UTF-8"?>
<response>
  <status>ok</status>
  <error xsi:nil="true" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
  <data>
    <card>
      <niceType>Visa</niceType>
      <type>visa</type>
      <patterns>
        <pattern>4</pattern>
      </patterns>
      <gaps>
        <gap>4</gap>
        <gap>8</gap>
        <gap>12</gap>
      </gaps>
      <lengths>
        <length>16</length>
        <length>18</length>
        <length>19</length>
      </lengths>
      <code>
        <name>CVV</name>
        <size>3</size>
      </code>
      <matchStrength>1</matchStrength>
    </card>
    <brand>Visa</brand>
    <cardNumber>4900264223817524</cardNumber>
    <bin>490026</bin>
    <last4>7524</last4>
    <isValid>true</isValid>
    <isPotentiallyValid>true</isPotentiallyValid>
    <isTestCard>false</isTestCard>
    <riskScore>0</riskScore>
    <riskLevel>low</riskLevel>
  </data>
</response>
YAML Response
200 OK
status: ok
error: null
data:
  card:
    niceType: Visa
    type: visa
    patterns:
      - 4
    gaps:
      - 4
      - 8
      - 12
    lengths:
      - 16
      - 18
      - 19
    code:
      name: CVV
      size: 3
    matchStrength: 1
  brand: Visa
  cardNumber: '4900264223817524'
  bin: '490026'
  last4: '7524'
  isValid: true
  isPotentiallyValid: true
  isTestCard: false
  riskScore: 0
  riskLevel: low
CSV Response
200 OK
keyvalue
card{niceType:Visa,type:visa,patterns:[4],gaps:[4,8,12],lengths:[16,18,19],code:{name:CVV,size:3},matchStrength:1}
brandVisa
cardNumber4900264223817524
bin490026
last47524
isValidtrue
isPotentiallyValidtrue
isTestCardfalse
riskScore0
riskLevellow

Response Structure

All API responses follow a consistent structure with the following fields:

FieldTypeDescriptionExample
statusstringIndicates whether the request was successful ("ok") or failed ("error")ok
errorstring | nullContains error message if status is "error", otherwise nullnull
dataobject | nullContains the API response data if successful, otherwise null{...}

Learn more about response formats →

Response Data Fields

When the request is successful, the data object contains the following fields:

Response fields marked with Premium are available exclusively on paid plans.View pricing
FieldTypeSample ValueDescription
cardobject{...}
Card identification and validation details
niceTypestring"Visa"
Human-readable card type name like Visa
typePremiumstring"visa"
Machine-readable card type identifier
patternsPremiumarray[4]
Starting digit patterns for card type
gapsPremiumarray[4, ...]
Character positions for spacing formatting
lengthsPremiumarray[16, ...]
Valid card length values in digits
codePremiumobject{...}
Security code specifications for card
namestring"CVV"
Name of security code like CVV
sizenumber3
Number of digits in security code
matchStrengthPremiumnumber1
Confidence level of card type match
brandstring"Visa"
Human-readable card brand (e.g. Visa, Mastercard), or null if the scheme could not be identified
cardNumberstring"4900264223817524"
The validated card number provided
binstring"490026"
The card's BIN/IIN (first 6 digits), or null if fewer than 6 digits were supplied
last4string"7524"
The last 4 digits of the card, or null if fewer than 4 digits were supplied
isValidbooleantrue
Whether the card number is complete and passes the Luhn checksum
isPotentiallyValidbooleantrue
Whether the number could still become valid (correct brand prefix but possibly incomplete) — useful while a user is still typing
isTestCardPremiumbooleanfalse
Whether the number is a known published processor test card (Stripe, Adyen, etc.) rather than a live card
riskScorePremiumnumber0
Composite 0-100 risk score combining Luhn validity, test-card and scheme-recognition signals (higher is riskier)
riskLevelPremiumstring"low"
Risk band derived from the score: low, medium or high

Headers

Only X-API-Key is required. Optional headers include Accept for response format negotiation (JSON, XML, or YAML), User-Agent, and X-Request-ID for request tracing. See all request headers →

GraphQL AccessALPHA

Access Card Validator through GraphQL to combine it with other API calls in a single request. Query only the card validator data you need with precise field selection, and orchestrate complex data fetching workflows.

Test Card Validator in the GraphQL Explorer to confirm availability and experiment with queries.

Credit Cost: Each API called in your GraphQL query consumes its standard credit cost.

GraphQL Endpoint
POST https://api.apiverve.com/v1/graphql
GraphQL Query Example
query {
  cardvalidator(
    input: {
      number: "4900264223817524"
    }
  ) {
    card {
      niceType
      type
      patterns
      gaps
      lengths
      code {
        name
        size
      }
      matchStrength
    }
    brand
    cardNumber
    bin
    last4
    isValid
    isPotentiallyValid
    isTestCard
    riskScore
    riskLevel
  }
}

Note: Authentication is handled via the x-api-key header in your GraphQL request, not as a query parameter.

CORS Support

The Card Validator API accepts cross-origin requests from any origin, so it can be called directly from browser-based applications without a proxy. See CORS support →

Rate Limiting

Card Validator requests are throttled per minute on the Free plan and unthrottled on paid plans. Exceeding the limit returns 429 Too Many Requests; rate-limit usage is reported in the X-RateLimit-Limit, X-RateLimit-Remaining, and X-RateLimit-Reset response headers. See per-plan limits and best practices →

Error Codes

The Card Validator API uses standard HTTP status codes — 200 on success, 400 for invalid parameters, 401 for missing or invalid keys, 403 for insufficient credits, 429 for rate-limit exhaustion, and 500/503 for server-side issues. Each error response includes an X-Request-ID header you can quote when contacting support. See full error handling guide →

SDKs for Card Validator

Official Card Validator packages on npm, PyPI, NuGet, and JitPack — plus a Postman collection and an OpenAPI spec. See the SDK guide →

No-Code Integrations

Card Validator works with Zapier, Make, Pipedream, n8n, and Power Automate using the same API key. See setup guides →

Frequently Asked Questions

How do I get an API key for Card Validator?
Sign up for a free account at dashboard.apiverve.com. Your API key will be automatically generated and available in your dashboard. The same key works for Card Validator and all other APIVerve APIs. The free plan includes 1,000 credits plus a 500 credit bonus.
How many credits does Card Validator cost?

Each successful Card Validator API call consumes credits based on plan tier. Check the pricing section above for the exact credit cost. Failed requests and errors don't consume credits, so you only pay for successful card validator lookups.

Can I use Card Validator in production?

The free plan is for testing and development only. For production use of Card Validator, upgrade to a paid plan (Starter, Pro, or Mega) which includes commercial use rights, no attribution requirements, and guaranteed uptime SLAs. All paid plans are production-ready.

Can I use Card Validator from a browser?
Yes! The Card Validator API supports CORS with wildcard configuration, so you can call it directly from browser-based JavaScript without needing a proxy server. See the CORS section above for details.
What happens if I exceed my Card Validator credit limit?

When you reach your monthly credit limit, Card Validator API requests will return an error until you upgrade your plan or wait for the next billing cycle. You'll receive notifications at 80% and 95% usage to give you time to upgrade if needed.

What's Next?

Continue your journey with these recommended resources

Was this page helpful?