Duplicate cards for customer in Vault

adriel.bky · March 6, 2026, 2:30am

In Maya vault, What is the recommended way to handle users that try to save the same card multiple times?

Upon my development, I realized this is a scenario that happens. How do we handle that given that we are limited to the first6 and last4 of the card?

Thank you

system · March 6, 2026, 2:30am

When a customer attempts to save a card that is already vaulted in Maya Vault, the system returns the error code PY0043 - “Card already exists”. This is the expected behavior and should be handled in your integration as follows:

Do not attempt to re-vault the same card. The paymentTokenId generated during tokenization can only be linked to a customer once.
When you receive the PY0043 error, inform the user that the card has already been saved and is available for future payments.
Use the Retrieve Cards of a Customer endpoint to list all vaulted cards associated with the customer and display them in your UI, allowing the user to select an existing card instead of re-entering details.

Avoid relying on first6/last4 for deduplication, as Maya Vault uses the unique paymentTokenId for card identification. This ensures security and compliance with tokenization standards.

For Sandbox concerns and other technical implementation inquiries, please get in touch with us via:

Sandbox Health Page: Check real-time service status updates.
Maya Developer Hub Service Desk: File
a ticket in Sandbox.

To Know More:

We value your input and would love to hear your insights. Please submit you feedback here.

adriel.bky · March 6, 2026, 2:37am

Based on current behavior (March 6, 2026), Upon triggering the Create Payment Token twice using the same card,

We will receive two different paymentTokenId. This is correct behavior.

But when using those two very same tokens in the Create Card of Customer , and user has passed the verification part, Both cards are still linked and thus showing us two records of the same card.

How do we handle that?

genson.cerezo · March 6, 2026, 4:54am

Thanks for sharing the details.

Based on the behavior you described, what you’re seeing is expected behavior based on how the tokenization flow works.

When Create Payment Token is triggered multiple times using the same card details, the API will generate a new and unique paymentTokenId each time. This is intentional because payment tokens are single-use tokens meant for secure card submission or payment processing, not persistent identifiers of the card itself.

Because of this:

Calling Create Payment Token multiple times with the same card will produce different paymentTokenId values.
If those tokens are then used in Create Card of Customer, the system will treat them as separate card registrations, even if they correspond to the same underlying card.

To avoid this scenario, your platform should control the flow once a card has already been successfully vaulted.

Once the cardTokenId has been created during Create Card of Customer and stored in your system, there is no need to call Create Payment Token or Create Card of Customer again when the same customer is creating a payment.

Instead, when the customer makes a new payment and already has a saved card, your platform should use the existing cardTokenId to trigger the payment via Create Customer Payment.

Additionally, in your payment UI, the customer should be able to:

Select an existing saved card for payment (which uses the stored cardTokenId), or
Add a new card, which would trigger the Create Payment Token → Create Card of Customer flow again.

adriel.bky · March 6, 2026, 6:41am

Hello, Thanks for the reply.

How do we handle the scenario?

Customer has linked Card A.
Customer goes to the “Add new card” again then inputs the exact Card A.
the new Card A is processed again and is stored as a new card.

Is there no way to stop Card A from being added again?

adriel.bky · March 9, 2026, 12:54pm

Hi, Would there be any updates here?

I think a clear guide on handling the scenario above would serve well for future potential integrators.

genson.cerezo · March 10, 2026, 12:23am

Hi @adriel.bky,

Let me check internally with the relevant teams so we can confirm the best approach for handling this particular use case. Some scenarios may depend on platform configuration or supported implementation patterns, so I want to make sure we provide the most accurate guidance.

I’ll follow up on this thread once I’ve gathered more details from the internal teams. Appreciate your patience in the meantime.

genson.cerezo · March 10, 2026, 12:29am

Also, could you confirm whether you are using the sample sandbox API keys published in the Maya Developer Hub, or are you using sandbox credentials provisioned specifically for your account during onboarding?

adriel.bky · March 10, 2026, 2:36am

The environment I am testing on is using the sandbox provisioned for the team’s account.

This also happens in our production API key as well.

adriel.bky · March 11, 2026, 2:18am

Hello again,

Do we have any updates here?

genson.cerezo · March 11, 2026, 3:09am

Hello @adriel.bky,

As confirmed internally, there is a way to handle duplicate cards during the vaulting process so that the same underlying card will not be stored multiple times for a customer.

At the moment, this capability is not yet documented in the Maya Developer Hub guides and requires feature enablement on the merchant account.

If you would like to use this functionality, you may coordinate with your Maya Relationship Manager. They can assist you with the requirements and the process for enabling this feature on your provisioned account.

Once enabled, this should help address scenarios where the same card may be tokenized multiple times during the vaulting flow.