Receive a card from a third party and relay to payment gateway
This guide will discuss the scenario where the PCI Booking receives card details from a third party (the card details can either be pushed to the customer by the third party or the customer pull the card details from the third party), store and process the details with the customer and then send the card details to a payment gateway to be charged.
Stage #1: Receiving card details from third party
The PCI Booking customer can get the card details in one of two methods:
- The customer pulling the required information from the third party's API (additional details below).
- This will require the customer to use the Tokenization in Response method
- The third party pushing the required information to the customer's API (additional details below).
- This will require the customer to use the Tokenization in Request (Gateway) system.
Pulling data:
A typical use case would follow these steps:
- The third party (for example, an OTA such as Booking.com, Expedia, etc) sends a notification to the customer that there is a new reservation that they need to process.
- This notification includes some sort of unique ID to identify the reservation (for example, a reservation ID).
- For the purpose of this guide, we assume that this notification does not include any payment information.
- The customer stores reservation ID.
- The customer sends a request, including the reservation ID to the third party's API to retrieve the reservation details of that specific reservation (the reservation details would include the credit card details associated with this reservation).
- The customer stores reservation details and credit card details for further processing.
Below is a simple workflow diagram to explain this process when using PCI Booking:
(click on the image to enlarge it)
Pushing data:
A typical use case would follow these steps:
- The third party (for example, an OTA such as Booking.com, Expedia, etc) sends the reservation details (including credit card details) to the customer's API.
- The customer stores reservation details and credit card details for further processing.
Below is a simple workflow diagram to explain this process when using PCI Booking;
Stage #2: Charging the card
Once the customer has received the card details, they must send it to a payment gateway to be charged.
- For the purpose of this guide, we assume that the customer will be using one of the payment gateways supported within the Universal Payment Gateway service.
Below is a simple workflow diagram to explain this process when using PCI Booking:
Example
Below is a complete workflow of the scenario where the customer pulls the reservation details from the third party and then submits the card details to be charged:
(click on the image to enlarge it)
Updated about 5 years ago