Can I store customer credit card information from my website (not developed with square) to a square database?

So I am (very) new to backend web development and have been developing my ecommerce website with PHP. I do not understand it in too much detail. I was wondering if it were possible to store the card details that customers enter on my website when purchasing, into a square database so that I do not have to store it into my own database and go through all the PCI standards, as that all seems far too complicated. I will be using square for customers to make card payments on my website. I was also wondering if it were possible for my customers to update the card details via their edit profile page on my website and have it update to the stored details on the square database? Once again I am very new to this so it is quite hard for me to understand. Backend development has been hell for me as I have faced multiple problems due to being new.

:wave: Welcome! It definitely can be overwhelming when your new. Yes, you can use the Cards API to store the customer card on file. As for updating a customers card there isn’t an UpdateCard endpoint but you can use DisableCard to remove their existing card and CreateCard to generate the newly updated card on file. :slightly_smiling_face:

Hello, thank you for your response. Is there any API that displays the users card (with specific details hidden, such as only displaying the last 4 digits of the card number)? If you’re not sure what I mean, allow me to give some more context:

I would like to create a page where customers can create a card, delete a card and check the card they have on file. You have already shown me where I need to go to learn more about creating a card and deleting a card, but how could my customers view their card they already have on file through my website? Thank you.

Currently there isn’t any UI elements for displaying customer cards available with Square APIs. We’re constantly working to improve our features based on feedback like this, so I’ll be sure to share your request to the API product team. :slightly_smiling_face:

When you save the card, the API makes the last 4 digits available in the info returned by the api call. Likewise, after a purchase has finished, you should be able to see the last 4 digits (and the first 6, if memory serves me correctly). You can check this out in Square’s API explorer.

While Square’s credit card form itself will only give you a token, once you’ve either saved it under a Square customer entry, or used it to process a transaction, you should be able to see the card details.

If you want to save cards and have them available for management and future transactions, you would create a customer once, then save the cards one by one under that customer using Square’s API calls. Each time you save a card using the Square API calls, you’d also save it in your own website database so you could easily show the user what is saved.

When you come back to process the transaction, you would have your own application logic which would show the user the multiple saved cards and let them choose one, or if you have one marked as default in your own logic, you’d process using that saved default card. As mentioned, you’d need to have a summary of the card (eg name, type, last 4 digits, Square saved card id) saved in your own website database. The Square API itself doesn’t provide any UI to do this because it’s probably better handled by your own logic.

Hope I’ve managed not to screw this up, apologies if I’ve gotten anything wrong!

CreateCard API doco: POST /v2/cards - Square API Reference
CreatePayment API doco:

JSON returned from CreatePayment - look for last_4 in details, and note the rest of the card info surrounding it:

  "payment": {
    "id": "R2B3Z8WMVt3EAmzYWLZvz7Y69EbZY",
    "created_at": "2021-10-13T21:14:29.577Z",
    "updated_at": "2021-10-13T21:14:30.504Z",
    "amount_money": {
      "amount": 1000,
      "currency": "USD"
    "app_fee_money": {
      "amount": 10,
      "currency": "USD"
    "status": "COMPLETED",
    "delay_duration": "PT168H",
    "source_type": "CARD",
    "card_details": {
      "status": "CAPTURED",
      "card": {
        "card_brand": "VISA",
        "last_4": "1111",              <--*****
        "exp_month": 11,               <--*****
        "exp_year": 2022,              <--*****
        "fingerprint": "sq-1-Hxim77tbdcbGejOejnoAklBVJed2YFLTmirfl8Q5XZzObTc8qY_U8RkwzoNL8dCEcQ",
        "card_type": "DEBIT",
        "prepaid_type": "NOT_PREPAID",
        "bin": "411111"
      "entry_method": "ON_FILE",
      "cvv_status": "CVV_ACCEPTED",
      "avs_status": "AVS_ACCEPTED",
      "auth_result_code": "vNEn2f",
      "statement_description": "SQ *EXAMPLE TEST GOSQ.C",
      "card_payment_timeline": {
        "authorized_at": "2021-10-13T21:14:29.732Z",
        "captured_at": "2021-10-13T21:14:30.504Z"
    "location_id": "L88917AVBK2S5",
    "order_id": "pRsjRTgFWATl7so6DxdKBJa7ssbZY",
    "reference_id": "123456",
    "risk_evaluation": {
      "created_at": "2021-10-13T21:14:30.423Z",
      "risk_level": "NORMAL"
    "note": "Brief Description",
    "customer_id": "W92WH6P11H4Z77CTET0RNTGFW8",
    "total_money": {
      "amount": 1000,
      "currency": "USD"
    "approved_money": {
      "amount": 1000,
      "currency": "USD"
    "receipt_number": "R2B3",
    "receipt_url": "",
    "delay_action": "CANCEL",
    "delayed_until": "2021-10-20T21:14:29.577Z",
    "application_details": {
      "square_product": "ECOMMERCE_API",
      "application_id": "sq0ids-TcgftTEtKxJTRF1lCFJ9TA"
    "version_token": "TPtNEOBOa6Qq6E3C3IjckSVOM6b3hMbfhjvTxHBQUsB6o"

Hi Bryan,

I watched and read about Cards API but can’t find a way to enter credit card numbers. Billing address, cardholder_name, customer_id, exp_month, exp_year and etc are available for input except for the card numbers. Could you please show me an example of how to save the card with credit card numbers?

You’ll first need to tokenize the card information with the Web Payments SDK. Once you have the token you’ll then pass it to the Cards API as the source_id. :slightly_smiling_face:

Is there a way to prepopulate the credit card id from the existing database without re-typing? Thank you for the answer. I’m still looking for a way to process the card payment from the in-house database.

If the card is already stored on file with Square you can programmatically charge the card on file. If you haven’t saved the card on file within Square and are wanting to programmatically tokenized raw card data, that isn’t currently available. :slightly_smiling_face:

Thank you for the answer. No wonder why I couldn’t find a way to save it. Do you plan to build api for this operation? Square has developed so many nice APIs to support a lot of business activities, except for this case. I hope it will be available in the near future.

Reply to Bryan,
Thank you for listening. I think you have every feature I need except for this one. That’s why I cannot recommend the SQUARE yet to my existing customers. They don’t want to re-enter stored credit card information in their database. I told them I could transfer about everything like customers info, billing address and etc except for the card info. I hope the credit card numbers could be saved when running the create card api. Thank you again.

There is a limit to reply to this topic. Therefore, I edited my existing question.

Unfortunately, we don’t have public roadmaps for features like this. We’re constantly working to improve our features based on feedback like this, so I’ll be sure to share your request to the API product team. :slightly_smiling_face: