PCI Booking provides a simple, Restful, API to perform all actions regarding a credit card.

PCI Booking is made up of several application areas. This developers site contains a guide and a reference manual for each application area.

  • The guides allow software architects and designers to have a broad view on the system operation and easily pick up those components which can fit the best different application scenarios.
  • The reference manuals allow developers to have a clear understanding of which methods are available, what input parameters are required for each method and the expected results of each.

Capture Card Security Code

Any customer who needs to send the card security code capture form to a client - while talking to the client over the phone (or any form of communication) - should use the Card Over The Phone Service.

How it works

Upon request, PCI Booking will send either an email or a text message (SMS) to the client. This message will contain a link to the card security code capture form.
Once the client has finished entering the card' security code, the original card will be duplicated to a new card stored in PCI Booking and a new token will be generated which will be sent to the customer who requested the form be sent.

It is your responsibility to clear the original token that was stored in PCI Booking.
If this token is not cleared, it will be charged the monthly storage fee.

Tokenization Flow

  1. Implement the Callback method to receive status updates on the card request.
  2. (optionally) Prepare in advance the CSS that should be used for this card capture.
  3. Initiate a call with a client and reach the stage in the conversation of requesting the card security code
  4. Submit the Request to Send Card Security Code Capture Form to Recipient method
    • In this request, you will provide details on how to send the message (email or text message) and the destination information. You will also provide details on the original token that the security code should be added to.
  5. Message is sent to the client.
  6. Client clicks on the link to open the card capture form and fills out the card details.
  7. Card details are stored in PCI Booking and a token is sent to the customer via the callback.