Card Display iFrame

PCI Booking users (e.g booking sites) who work with suppliers (usually hotels) that log in to the PCI Booking users' portal in order to view card details should use the card display form.

Users of PCI Booking can integrate the Card Display form as an iframe in their secure portal and so allow their customers, once properly authenticated to the portal, to view the card details of a PCI Booking token.
This method can be used for such scenarios as a hotel requiring card information to charge a customer.

Preparing the Card iFrame

The e-commerce site has significant control over the capture form's look and feel, via a custom stylesheet (.css) file.
As a baseline, you can use our default CSS to design your own.

Please note: the stylesheet will be stored in PCI Booking's database, and will be used in the iFrame with the stylesheet name. Read more on managing stylesheets.

Token Replacement within the Card Display iFrame - Flow

  1. (optionally) Prepare in advance the CSS that should be used for this card display form.
  2. Authenticate PCI Booking via an "access token" or a "session token". Read more about our authentication methods.
  3. Request a card display form, with your site's look and feel, using the Request a Card Display Form method.
    • In this request, you will provide the PCI Booking token to be retrieved
    • The response to this request would be the HTML code of the Card Display form.
  4. PCI Shield will retrieve card data, according to the card token and display card on screen.


Below is an example of how the basic Card Display form will look like when integrated into a web site.