UnMasked Expiration Date in Hosted CIM's getCustomerProfileRequest

Status: Delivered
by CoryAuth on ‎01-23-2015 10:08 AM

As mentioned in the following post:




The card expiry date is masked when returned in the getCustomerProfileRequest.  As the card number is masked, there is no PCI requirement that the expiry date of the card also be masked.  Without the expiry date, it makes it impossible for us to automate the process of notifying our customer's clients that their card will be soon expiring.  The reason for us going this route is to offer an ARB solution managed completely from within our application.  It is imparative for us to have access to this date.


The idea is a simple one.  Return the expiry date in the CIM getCustomerProfileRequest unmasked.



Status: Delivered
by martin1b
on ‎11-04-2015 09:23 AM

@ctdavis No, it affected us too. All of our payment sites were down due to this change. After a service reference refresh, the problem was resolved.  While I appreciate the change, testing would have revealed the adverse affects of changing the call signature prior to deployment.

by Developer Developer
on ‎11-07-2015 12:16 AM

Developers & Merchants,


As product manager for APIs & Developer Experience and on behalf of the API team I want to acknowledge that we messed up and we apologize for that. As a team we pride ourselves on delivering the features that our developers need (such as the update to GetCustomerPaymentProfile in this release) and we do that under the principle that we not break existing integrations. Unfortunately we fell short of our own high standards for maintaining integrations this time but please know we will do our best to assure this does not happen again.


by cggamer
on ‎11-09-2015 09:36 AM

Thanks @brianmc for all your help!


Do you know if the unmaskExpirationDate attribute will be added to the getCustomerProfileRequest call as well? It seems to be working great for the getCustomerPaymentProfileRequest call and it would be helpful to have it return the unmasked expiration date for the getCustomerProfileRequest call.


Thanks for your considering!

by pharmacy74
on ‎11-09-2015 09:45 AM

Hello Brian,


I have added the maskexpiaration flag to the file. But in respons I still see xxxx. What am I doing wrong?





by cggamer
on ‎11-09-2015 09:54 AM

@pharmacy74 the flag name is unmaskExpirationDate and it needs to be set to true and after the other elements in the request. Example (shortented):







by kgw39
on ‎11-09-2015 09:57 AM

I'm also not seeing anything other than XXXX being returned when a true is passed to getCustomerPaymentProfileRequest in the sandbox environment.  I haven't tried the live environment.

by pharmacy74
on ‎11-09-2015 10:07 AM

I am doing exactly same was as you have instructed before. When I dump structure, I still see expiration XXXX format.


<getCustomerPaymentProfileRequest xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd">

by Developer Developer
on ‎11-09-2015 10:08 AM

Can you try the API Reference live console:




Just add the <unmaskExpirationDate>true</unmaskExpirationDate> element as below


<getCustomerPaymentProfileRequest xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd">



by pharmacy74
on ‎11-09-2015 10:21 AM

Hi Brain


How can I use API referance live console??


I am trying to paste the snapshot image but it is not allowing me...






by Developer Developer
‎11-09-2015 10:49 AM - edited ‎11-09-2015 10:57 AM


Hi Mike,


As long as you are not on a really old browser like IE9 you should be able to edit the XML in the Try It tab.