This is a basic lookup method for card information. The ability exists within this method to return sensitive card information. Sensitive parameters can be partially returned or removed by configuration based on the API consumer's needs and PCI posture. You may request provider_params to be updated via request to Galileo Processing. (This will require the ability to securely handle data).
getCard() is a PCI-compliance sensitive method. When the provider_params are enabled, it returns a PAN/cvv/expdate.
Parameter Required Data type Pattern Notes
transactionId Yes String

60 characters or less


A unique system generated ID number that identifies the API transaction with Galileo Processing systems. A UUID is preferred. This must be different for each transaction.
accountNo Yes String



Can be either a PAN (the 16 digit card number) or PRN (a unique product Identifier used for internal Galileo processing and added security) or card_id (integer identifier of the card as found in RDF or getAccountCards()).
Status Codes
Codes that define the status of the activateCard() transaction.
Status Code description
0 Success
2 Invalid parameter(s)
12 Invalid customer account
-1 Indicates that the application record failed to update or return.
<?xml version="1.0" encoding="UTF-8"?>
   <system_timestamp>2011-02-09 14:32:43</system_timestamp>
       <start_date>2015-05-03 00:00:00</start_date>
       <end_date>2015-05-03 23:59:59</end_date>
     <provider_timestamp>2013-02-06 10:10:10</provider_timestamp>
Description Description Example value
Status The condition of a process or response (such as embossed card, account, freeze, and so on). Success
status_code The status of the response. 0
system_timestamp A system generated timestamp. 2011-02-02 11:11:12
response_data A structure for the response data. It can be empty but usually will contain information. <response_data>
   <new_account>   </new_account>
card_number A PAN or 16 digit card number. 123412XXXXXX1234
expiry_date Expiration date of the card. 2018-05-22
card_security_code The card verification value (cvv), is a card anti-fraud measure. 123
Status The condition of a process or response (such as embossed card, account, freeze, and so on). L
card_id Integer identifier of the card as found in the raw data file (RDF). Unique identifier for a PAN. 5433
external_card_id Alpha numeric partner specified external card identity. 1234567891234567891234567891234
pmt_ref_No A Galileo generated account number. 008100001671
first_name A person's first name as listed on the account. John
middle_name A person's middle name as listed on the account. Elizabeth
last_name A person's last name as listed on the account. Doe
encrypted_card_number Encrypted number for the card. H92JK7DUP4359L257
encrypted_expiry_date Encrypted expiration date for the card. JK7DAB4359L25
spend_controls A data structure that displays any spend_ controls settings. <spend_controls>
available_credit The amount available to be charged to a credit card. 5000
single_use A flag that indicated an alias credit card number, exhausted after one use. Y
credit_limit The maximum outstanding balance allowed on a credit card. 5000
embossed_cards A data structure that displays information associated with an embossed card. <embossed_cards>
embossed_card A data structure that displays information for an embossed card. Associated with an embossed status flag, created_date, emboss_date, expiry_date, and shipping_date. <embossed_card>
Status The condition of a process or response (such as embossed card, account, freeze, and so on). N
created_date The date when the cardholder first applied for the card. 2018-05-01
emboss_date The date the card was sent to be manufactured. 2018-05-01
expiry_date Expiration date of the card. 2012-05-22
shipping_type The shipping type used to ship the cards to the cardholder, Standard or Express Mail. Standard
freeze_info Associated with the Frozen status, and the start and end date of a card. Frozen status=card locked out. Unfrozen status=card usable. (Freeze only affects authorization approvals). <freeze_info>
  <start_date>2015-05-03 00:00:00</start_date>
  <end_date>2015-05-03 23:59:59</end_date>
start_date Date the freeze was activated. (Specific to freeze_info). 2015-05-03 00:00:00
end_date Date the freeze was ended. (Specific to freeze_info). 2015-05-03 23:59:59
pin_fail_count A flag for the PIN fail count (0 or -1). -1
pin_fail_date Date a PIN fail was recorded. 2018-05-22
processing_time The time elapsed in processing the transaction. 1.723
echo A structure that displays transaction ID information. <echo>
transaction_id A number that represents a transaction. 12345a
provider_transaction_id Secondary transaction identifier (generated by a provider). 77bb
provider_timestamp Stores a related timestamp for reporting and troubleshooting purposes. 2013-02-06 10:10:10
Code Snippet

                    # The following shell script will use cURL to call getCard
# and return the json response.

curl -d '{"transactionId":"45k-dk3fj3-44478", "accountNo":"074103447228"}' \ 
-H "response-content-type: json" \ 
-H "Authorization: Bearer **your-access-token**" \ 
                    // The following Java code will make a getCard call
// and print the json response.

import java.util. *;

class GalileoAPICall
    public static void main(String[] args) {
        try {
            Map<String,Object> params = new LinkedHashMap<>();
           params.put("transactionId", "45k-dk3fj3-44478");
           params.put("accountNo", "074103447228");
            StringBuilder postData = new StringBuilder();
            for (Map.Entry<String,Object> param : params.entrySet()) {
                if (postData.length() != 0) postData.append('&');
                postData.append(URLEncoder.encode(param.getKey(), "UTF-8"));
                postData.append(URLEncoder.encode(String.valueOf(param.getValue()), "UTF-8"));
            byte[] postDataBytes = postData.toString().getBytes("UTF-8");

            URL url = new URL("");

            HttpURLConnection conn = (HttpURLConnection) url.openConnection();
            conn.setRequestProperty("response-content-type", "json");
            conn.setRequestProperty("Authorization", "Bearer **your-access-token");
            conn.setRequestProperty("Content-Length", String.valueOf(postDataBytes.length));

            String xmlOutput;

            Reader in = new BufferedReader(new InputStreamReader(conn.getInputStream(), "UTF-8"));
            for (int c; (c = >= 0;) {
        } catch (MalformedURLException e) {
        } catch (IOException e) {
                    # The following Python code will call getCard
# and print the json response.

import requests
headers = {'response-content-type': 'json', 'Authorization': 'Bearer {}'.format(**your-access-token**)}
payload = {'transactionId': '45k-dk3fj3-44478', 'accountNo': '074103447228'}
r ='', data=payload, headers=headers)
                    // The following PHP code will make a getCard call
// and prints the json response.

$endpoint = '';
$params = array('transactionId'=>'45k-dk3fj3-44478', 'accountNo'=>'074103447228');

$curl = curl_init();
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, $params);
curl_setopt($curl, CURLOPT_URL, $endpoint);
curl_setopt($curl, CURLOPT_HTTPHEADER, array(
    'response-content-type: json',
    'Authorization: Bearer **your-access-token**'
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);

$result = curl_exec($curl);
$json = new json_decode($result, true);

                    // The following C# code will make a getCard call
// and print the json response.

using System;using System.IO;
using System.Net;
using System.Text;

byte[] data = Encoding.ASCII.GetBytes(
WebRequest request = WebRequest.Create("");
request.Method = "POST"\;
request.ContentLength = data.Length;
request.Headers.Add("response-content-type", "json");
request.Headers.Add("Authorization","Bearer **your-access-token**");
using (Stream stream = request.GetRequestStream())
    stream.Write(data, 0, data.Length);
string responseContent = null;
using (WebResponse response = request.GetResponse())
    using (Stream stream = response.GetResponseStream())
        using (StreamReader sr = new StreamReader(stream))
            responseContent = sr.ReadToEnd();
                    # The following Ruby code will make a getCard call
# and print the json response.

require 'uri'
require 'net/http'

uri = URI("")
https =, uri.port)
https.use_ssl = true
request =
request['response-content-type'] = 'json'
request['Authorization'] = 'Bearer **your-access-token**'
request.body = {transactionId: '45k-dk3fj3-44478', accountNo: '074103447228'}.to_json
response = https.request(request)
puts response