> ## Documentation Index
> Fetch the complete documentation index at: https://developers.orchestrasolutions.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Card Validation

> This method allows you to validate the card details against the card's metadata. By providing the billing address and IP address of the card owner, we validate those against the metadata of the card and provide a risk assessment for this transaction. All you would need is the card's BIN / IIN (the first 6 to 11 digits of the card number), the billing address and IP address. The response of this method will include the full metadata information for this BIN including the risk assessment.



## OpenAPI

````yaml post /Tools/validate
openapi: 3.0.4
info:
  title: Orchestra API
  description: Code Version 1.0.11.6
  version: Prod
servers:
  - url: https://api.orchestrasolutions.com
security: []
tags:
  - name: AP2
    description: Test AP2 controller
  - name: EWalletOperations
    description: Card operations controller
  - name: MockCredentialProvider
    description: |-
      Mock Credential Provider controller implementing JSON-RPC 2.0 protocol
      Used for testing AP2 checkout flows
  - name: PaymentGatewayAccounts
    description: Payment Gateway Accounts
  - name: PaymentGateway
    description: Universal Payment Gateway
  - name: StringTokens
    description: Token management
  - name: Tools
    description: >-
      Card tools for BIN/IIN lookup, brand identification, Luhn validation, and
      card risk assessment
  - name: Utils
    description: Utils
paths:
  /Tools/validate:
    post:
      tags:
        - Tools
      summary: Card Validation
      description: >-
        This method allows you to validate the card details against the card's
        metadata. By providing the billing address and IP address of the card
        owner, we validate those against the metadata of the card and provide a
        risk assessment for this transaction. All you would need is the card's
        BIN / IIN (the first 6 to 11 digits of the card number), the billing
        address and IP address. The response of this method will include the
        full metadata information for this BIN including the risk assessment.
      operationId: CardValidate
      parameters:
        - name: iin
          in: query
          description: Card's BIN / IIN (the first 6 to 11 digits of the card number)
          required: true
          schema:
            type: string
            pattern: \d{6,11}
      requestBody:
        description: Payer billing details including IP address
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PayTools_Api.Models.PayerBaseWithClientIp'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PayTools_Api.Models.CardValidationResults'
        '400':
          description: Bad Request
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: >-
                    #/components/schemas/PayTools_Shared.Models.ValidationErrorMessage
        '401':
          description: Not authenticated
      security:
        - ApiKeyAuth: []
components:
  schemas:
    PayTools_Api.Models.PayerBaseWithClientIp:
      type: object
      properties:
        city:
          type: string
          description: City
          nullable: true
        stateProvince:
          type: string
          description: State or Province
          nullable: true
        countryCode:
          type: string
          description: 2 letter country code (ISO 3166-2)
          pattern: '[A-Z]{2}'
        clientIPAddress:
          type: string
          description: Client IP address
      required:
        - countryCode
        - clientIPAddress
      additionalProperties: false
      description: Payer billing information including client IP address
    PayTools_Api.Models.CardValidationResults:
      type: object
      properties:
        riskLevel:
          type: string
          description: >-
            The risk level associated with this transaction (VeryLow, Low, High,
            VeryHigh)
        description:
          type: string
          description: A description of the risk that was identified for this transaction
        cardBrand:
          type: string
          description: The card brand (AMERICAN EXPRESS, VISA, MASTERCARD, JCB etc)
        cardType:
          type: string
          description: Type of card (CREDIT, DEBIT, etc.)
        cardCategory:
          type: string
          description: Card category (GIFT, PROPRIETARY, etc.)
        issuerName:
          type: string
          description: Name of card issuer (e.g. Bank of America)
        issuerCountry:
          type: string
          description: 2 letter country code (ISO 3166-2) of the card issuer's country
        countryByIP:
          type: string
          description: >-
            2 letter country code (ISO 3166-2) of the country detected by the
            payer's IP address
        countryFromBillingAddress:
          type: string
          description: 2 letter country code (ISO 3166-2) from the payer's billing address
        anonymousProxyUsed:
          type: boolean
          description: Whether the payer's IP address is from an anonymous proxy
      additionalProperties: false
      description: Results for a card validation request including risk assessment
    PayTools_Shared.Models.ValidationErrorMessage:
      type: object
      properties:
        fieldName:
          type: string
          description: Field name the error(s) are referring to
          nullable: true
        errors:
          type: array
          items:
            type: string
          description: List of errors
          nullable: true
      additionalProperties: false
      description: Model for display validation error messages
  securitySchemes:
    ApiKeyAuth:
      type: apiKey
      description: Please enter ApiKey into field
      name: X-Api-Key
      in: header

````