# Retrieve CVC2
source: https://developer.mastercard.com/mastercard-processing-core/documentation/use-cases/data-management/query-cms-get-particular-data/retrieve-cvc2/index.md

## Overview {#overview}

This use case describes how you fetch the CVC2 for the specified card contract.

## Sequence diagram {#sequence-diagram}

![Sequence diagram](https://static.developer.mastercard.com/content/mastercard-processing-core/uploads/retrieve-cvc2.png)
Note: The diagram does not contain end-to-end payload encryption which is part of every operation. Refer to [Encryption](https://developer.mastercard.com/mastercard-processing-core/documentation/api-basics-section/encryption/index.md) for more information.

### Explanation {#explanation}

1. The server sends a `POST` request to the `/cards/{card_contract_id}/card-verification-codes/searches` endpoint to fetch the CVC2 for the `card_contract_id` `Plastic`. To identify the suitable `Plastic` in the CMS, you must send the required `cardExpiryDate` field with the correct value in the request body.
2. The API returns the `cardVerificationCode` of the specified card contract `Plastic`.  
   Note: As you may not want to store any sensitive data, such as CVC2, Mastercard Processing can help you transfer it to the cardholder in a secure way by using the `Customer-Public-Rsa-Key` header in the API requests. In such case, the `Customer-Public-Rsa-Key` header must contain the Public RSA key generated by the cardholder's mobile application and verified by your server that Mastercard Processing API will use to encrypt CVC returned in the `ecnryptedCardVerificationCode` field in the response so that only the cardholder's mobile application will be able to decrypt and display it. Refer to [Sandbox testing](https://developer.mastercard.com/mastercard-processing-core/documentation/sandbox-testing/data-management/query-cms-to-get-particular-data/retrieve-cvc2/index.md) for information on how to execute the use case in the Sandbox environment.

## Endpoints {#endpoints}


API Reference: `POST /cards/{card_contract_id}/card-verification-codes/searches`