PCI Booking provides a simple, Restful, API to perform all actions regarding a credit card.

PCI Booking is made up of several application areas. This developers site contains a guide and a reference manual for each application area.

  • The guides allow software architects and designers to have a broad view on the system operation and easily pick up those components which can fit the best different application scenarios.
  • The reference manuals allow developers to have a clear understanding of which methods are available, what input parameters are required for each method and the expected results of each.

PCI Shield

PCI Shield is the core component of the PCI Booking suite of APIs. It enables Bookers1 to outsource PCI DSS compliance, letting them send and receive customer's payment data securely. Data is tokenized, ensuring it never touches the Bookers'1 environment.

There are two typical scenarios for capturing card data ("inbound"):

  • The eCommerce2 site (portal) captures card details from customers, interactively.
  • The eCommerce2 site receives card details via an API, either in "push" mode or in "pull" mode.

Regardless of how the card token was created (based on the methods above), PCI Shield can be used when passing/transmitting to third parties:

  • The eCommerce2 site (portal) displays card details to customers, interactively.
  • The eCommerce2 system sends card details via an API (along with other data) to a third party.

PCI Booking customers can query and manage card data stored in PCI Booking, using an API. Thus, the eCommerce2 site can offer customers an e-Wallet service, where they do not have to re-type card details for every payment.