PCI Shield

PCI Shield is the core component of the PCI Booking suite of APIs. It enables Bookers¹ to outsource PCI DSS compliance, letting them send and receive customer's payment data securely. Data is tokenized, ensuring it never touches the Bookers'¹ environment.

There are two typical scenarios for capturing card data ("inbound"):

• The eCommerce² site (portal) captures card details from customers, interactively.
• The eCommerce² site receives card details via an API, either in "push" mode or in "pull" mode.

Regardless of how the card token was created (based on the methods above), PCI Shield can be used when passing/transmitting to third parties:

• The eCommerce² site (portal) displays card details to customers, interactively.
• The eCommerce² system sends card details via an API (along with other data) to a third party.

PCI Booking customers can query and manage card data stored in PCI Booking, using an API. Thus, the eCommerce² site can offer customers an e-Wallet service, where they do not have to re-type card details for every payment.