How to uniquely identify payment card via API?

Need to build an application to identify repeated customers and then do some integration.

When a guest made a payment, I assume Square would generate a token that uniquely identifies the tender media?

Transaction report has card type and last 4 digits of the card, but the combination of card type and last 4 digits cannot uniquely identify a card.

Is “fingerprint” the correct field for this purpose?


:wave: I’m Square Dev AI, here to help answer your question!
Based on the information you’ve provided, the following documentation will help answer your question:

Additional Documentation

Cards API Overview
Cards API Overview
Web Payments SDK Requirements

If this documentation helped you find a solution, please check the box indicating that this reply solves the problem.
Otherwise one of our Developer Advocates will provide additional assistance shortly.

Yes, Square does generate a unique token for each card transaction. However, this token is single-use and cannot be used to identify repeat customers.

To identify repeat customers, you can use the Customers API to create customer profiles and link them to transactions. You can also use the Cards API to save a customer’s card on file (with their permission), which generates a card_id that can be used for future transactions. This card_id can be used to identify repeat transactions from the same customer.

Please note that you should always ask customers for permission before saving their card information. Linking cards on file without obtaining customer permission can result in your application being disabled.

This answer was reviewed by @Bryan-Square.


Is “fingerprint” the single-use unique token? If so, then it seems there is no easy way to identify repeat customers. :frowning:

It’s unique to the customers card for the sellers Square account. :slightly_smiling_face:

Does it mean:

  • For a given seller/merchant, “fingerprint” can uniquely identify a card? If so, that’s great, and it’s all I need.
  • Square generates different fingerprints for the same card when the same card is used in different sellers/merchants. But for a given Square seller, the same payment card matches one and only one fingerprint.

That’s correct. The card fingerprint is unique to that card for the sellers account and the sellers account only. :slightly_smiling_face:

That’s great!

One more question: I just signed into a client’s dashboard and found they have multiple locations.

Does the 1-to-1 card-to-fingerprint association apply to this dashboard account, or apply to each location?

No, its the entire merchant account. :slightly_smiling_face: