Capture Cards
Request a Card Security Code Entry Form
Create a PCI Booking CVV capture form for use in an iFrame.
GET
CVV Capture Guide
Collect CVV from cardholders via hosted forms
Parameters
Authentication
Recommended. A long-lived token for browser-side calls. How to generate.
Alternative. Valid for 5 minutes. How to generate.
Form Configuration
Your PCI Booking username, used to identify your account.
The resource identifier (URI) for the card location within PCI Booking.
The form’s language in ISO 639-1 (2-letter) format - see here. If an unsupported language is provided, English will be displayed. To add languages, contact support.
The CSS resource name. See the guide on managing stylesheets. If omitted, the default CSS is applied.
Whether to remove the PCI Booking base CSS. The base CSS does not collide with the host site’s CSS. true: remove base CSS. false: use base CSS.
URL to redirect to on successful submission. See success/failure redirection pages.
URL to redirect to on failed submission. See success/failure redirection pages.
Whether to exclude the PCI Booking submit button, allowing the host site to use its own button. true: exclude submit button. false: include submit button. See postMessage integration.
Whether the card security code field receives focus when the parent page loads.
The domain name of the host site where the iframe is displayed.
A reference value that can be used to query for this card token later.
3D Secure
Visa requirement (Aug 2024): You must provide at least the cardholder’s
email or phone for 3DS authentication.Whether to perform 3D Secure authentication after card entry. If enabled with Access Token authorization, provide two access tokens.
Action to take if a technical problem occurs during 3DS processing. Accept: ignore 3DS failure and proceed with tokenization. Reject: do not tokenize the card; redirect to the failure URL.
The merchant name for 3D Secure authentication. Must be URL-encoded and unique per 3DS merchant account. See 3DS merchant setup.
Transaction amount for the 3D Secure challenge screen. Must be provided together with
currencyCode. If omitted, authentication uses a 0 EUR amount.Currency code for the 3D Secure challenge screen amount. Must be provided together with
amount. If omitted, authentication uses a 0 EUR amount.Cardholder’s email address for 3D Secure authentication. Must be a valid email format, e.g.
joe@bloggs.com.Cardholder’s telephone number for 3D Secure authentication. May only contain digits [0-9], e.g.
00353112223344.
