Get Started with Your Development with PCI Booking
PCI booking has many components, features and services; sometimes it can be confusing to understand which feature(s) you actually require for your workflows, so we thought we would provide you with a little guidance.
This guide will help you identify the workflows that you currently have and direct you to the documentation of the relevant feature within PCI Booking solution that you should use.
PCI Booking separates handling of credit cards into three sections - these are all from the PCI Booking customer’s perspective:
- General: tasks that you need to perform in order to manage your stored credit cards.
- Inbound: when you request credit card data from other third parties or when other third parties send you credit card data (without first being prompted by you).
- Outbound: When you send credit card data to third parties or when other third parties request credit card data from you.
General
- Do you require migrating existing stored credit cards from your database into PCI Booking tokens?
- In this case, you will need to use our PCI Booking store method which allows you to submit card details through the API and get a token in return. For further information, please visit our guide on the store card
method.
- In this case, you will need to use our PCI Booking store method which allows you to submit card details through the API and get a token in return. For further information, please visit our guide on the store card
- Do you need to set a custom retention and relay policy (either account-wide or token-based) for cards stored with CVV? (PCI compliance states that the CVV cannot be stored after the card has been used to authorise the transaction).
- In this case, you will need to use our CVV retention policy methods which allows you to set and manage the retention policy for the account or individual tokens. For documentation on setting the CVV retention policy, please visit our guide on CVV Retention Policy.
- Do you require deleting tokens after a certain period of time? (you can store tokens with PCI Booking indefinitely).
- In this case, you will need to use our delete card method which allows you to delete the card details of any specific token. For further information, please visit our guide on managing stored cards.
Inbound
- Do you collect credit card information from people (i.e. not from an API) through a web portal?
- In this case, you will need to use our capture card web page which is normally integrated in the form of an iFrame into your own web site - so the site visitor will enter the card details directly to the PCI booking system.
PCI Booking offers several options for you to display a form to capture card details:
- In this case, you will need to use our capture card web page which is normally integrated in the form of an iFrame into your own web site - so the site visitor will enter the card details directly to the PCI booking system.
- Do you need to collect CVVs of previously collected credit card information from people (i.e. not from an API) through a web portal?
- In this case, you will need to use our capture CVV web page which is normally integrated in the form of an iFrame into your own web site - so the site visitor will enter the card’s CVV details directly to the PCI booking system.
PCI Booking offers several options for you to display a form to capture card CVV details:
- In this case, you will need to use our capture CVV web page which is normally integrated in the form of an iFrame into your own web site - so the site visitor will enter the card’s CVV details directly to the PCI booking system.
- Are you working with third party providers where you pull credit card data from their API?
- In this case, you will need to use our tokenize on response method of the API where you send a request to the third party through PCI Booking and then the response is processed and tokenized through PCI Booking. For further documentation on tokenizing data from the response, please visit our guide on the Tokenization in Response method.
Alternatively, you may want to review our Universal Tokenization service which offers built-in integration to most third party providers to provide a simple, quick and easy method for tokenizing data retrieved from these third parties.
- In this case, you will need to use our tokenize on response method of the API where you send a request to the third party through PCI Booking and then the response is processed and tokenized through PCI Booking. For further documentation on tokenizing data from the response, please visit our guide on the Tokenization in Response method.
- Are you working with third party providers that send credit card data to your API?
- In this case, you will need to use our PCI Booking Gateway which will act as a proxy and process all requests that are sent through it. For further documentation on our Gateway, please visit our Tokenization in Request (Gateway) method.
Outbound
- Are you working with third party providers that request credit card data from your API?
- In this case, you will need to use our PCI Booking Gateway which will act as a proxy and process all requests that are sent through it. For further documentation on our Gateway, please visit our Token Replacement in Response (Gateway) method.
- Are you working with third party providers that you push credit card to their API?
- In this case, you will need to use our token replacement method where you send a request to the third party through PCI Booking - the request will include the token of the card - and then PCI Booking will add the content of the token to the specified locations within the message and replay it to the third party. For further documentation on performing token replacement please visit our guide on the Token Replacement in Request method.
- If these third parties are payment gateways, you may want to consider using our new Universal Payment Gateway which provides developers a single access point to working with multiple payment gateway APIs with very little change to your code when switching between payment gateways. For further documentation on working with payment gateways, please visit our guide on the Universal Payment Gateway service.
- Do you work with hotels and do they need to retrieve credit card details from you? Do you have a way to manage credentials for the hotels to log in to a secure portal on your end?
- In this case, you will need to use our card display web page which is normally integrated in the form of an iFrame into your own website - so the hotel will log in to your portal and view the card details there. For documentation on displaying the card details in your website, please visit our guide on the Card Display iFrame method.
- If you do work with hotels and they require to retrieve card details from you, however, you do not have a portal for them to login to, you may want to consider using the PCI Booking Property Management System and manage all of your properties within the PCI Booking system. For documentation on the PCI Booking Property Management System, please visit our guide on the Property Management methods.
Updated over 2 years ago