PCI Booking provides a simple, Restful, API to perform all actions regarding a credit card.

PCI Booking is made up of several application areas. This developers site contains a guide and a reference manual for each application area.

  • The guides allow software architects and designers to have a broad view on the system operation and easily pick up those components which can fit the best different application scenarios.
  • The reference manuals allow developers to have a clear understanding of which methods are available, what input parameters are required for each method and the expected results of each.

Get Started with Your Development with PCI Booking

PCI booking has many components, features and services; sometimes it can be confusing to understand which feature(s) you actually require for your workflows, so we thought we would provide you with a little guidance.

This guide will help you identify the workflows that you currently have and direct you to the documentation of the relevant feature within PCI Booking solution that you should use.

PCI Booking separates handling of credit cards into three sections - these are all from the PCI Booking customer’s perspective:

  • General: tasks that you need to perform in order to manage your stored credit cards.
  • Inbound: when you request credit card data from other third parties or when other third parties send you credit card data (without first being prompted by you).
  • Outbound: When you send credit card data to third parties or when other third parties request credit card data from you.

General

  • Do you require migrating existing stored credit cards from your database into PCI Booking tokens?
    • In this case, you will need to use our PCI Booking store method which allows you to submit card details through the API and get a token in return. For documentation on our store method, please visit our guide on e-Wallet Methods.
  • Do you need to set a custom retention and relay policy (either account-wide or token-based) for cards stored with CVV? (PCI compliance states that the CVV cannot be stored after the card has been used to authorise the transaction).
    • In this case, you will need to use our CVV retention policy methods which allows you to set and manage the retention policy for the account or individual tokens. For documentation on setting the CVV retention policy, please visit our guide on CVV Retention Policy.
  • Do you require deleting tokens after a certain period of time? (you can store tokens with PCI Booking indefinitely).
    • In this case, you will need to use our delete card method which allows you to delete the card details of any specific token. For documentation on our delete method, please visit our guide on e-Wallet Methods.

Inbound

  • Do you collect credit card information from people (i.e. not from an API) through a web portal?
    • In this case, you will need to use our capture card web page which is normally integrated in the form of an iFrame into your own web site - so the site visitor will enter the card details directly to the PCI booking system.
      PCI Booking offers several options for you to display a form to capture card details:
  • Do you need to collect CVVs of previously collected credit card information from people (i.e. not from an API) through a web portal?
    • In this case, you will need to use our capture CVV web page which is normally integrated in the form of an iFrame into your own web site - so the site visitor will enter the card’s CVV details directly to the PCI booking system.
      PCI Booking offers several options for you to display a form to capture card CVV details:
  • Are you working with third party providers where you pull credit card data from their API?
    • In this case, you will need to use our tokenize on response method of the API where you send a request to the third party through PCI Booking and then the response is processed and tokenized through PCI Booking. For further documentation on tokenizing data from the response, please visit our guide on the Tokenization in Response method.
      Alternatively, you may want to review our Universal Tokenization service which offers built-in integration to most third party providers to provide a simple, quick and easy method for tokenizing data retrieved from these third parties.
  • Are you working with third party providers that send credit card data to your API?
    • In this case, you will need to use our PCI Booking Gateway which will act as a proxy and process all requests that are sent through it. For further documentation on our Gateway, please visit our Tokenization in Request (Gateway) method.

Outbound

  • Are you working with third party providers that request credit card data from your API?
    • In this case, you will need to use our PCI Booking Gateway which will act as a proxy and process all requests that are sent through it. For further documentation on our Gateway, please visit our Token Replacement in Response (Gateway) method.
  • Are you working with third party providers that you push credit card to their API?
    • In this case, you will need to use our token replacement method where you send a request to the third party through PCI Booking - the request will include the token of the card - and then PCI Booking will add the content of the token to the specified locations within the message and replay it to the third party. For further documentation on performing token replacement please visit our guide on the Token Replacement in Request method.
    • If these third parties are payment gateways, you may want to consider using our new Universal Payment Gateway which provides developers a single access point to working with multiple payment gateway APIs with very little change to your code when switching between payment gateways. For further documentation on working with payment gateways, please visit our guide on the Universal Payment Gateway service.
  • Do you work with hotels and do they need to retrieve credit card details from you? Do you have a way to manage credentials for the hotels to log in to a secure portal on your end?
    • In this case, you will need to use our card display web page which is normally integrated in the form of an iFrame into your own website - so the hotel will log in to your portal and view the card details there. For documentation on displaying the card details in your website, please visit our guide on the Card Display iFrame method.
    • If you do work with hotels and they require to retrieve card details from you, however, you do not have a portal for them to login to, you may want to consider using the PCI Booking Property Management System and manage all of your properties within the PCI Booking system. For documentation on the PCI Booking Property Management System, please visit our guide on the Property Management methods.

Get Started with Your Development with PCI Booking


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.