PCI Booking provides a simple, Restful, API to perform all actions regarding a credit card.

PCI Booking is made up of several application areas. This developers site contains a guide and a reference manual for each application area.

  • The guides allow software architects and designers to have a broad view on the system operation and easily pick up those components which can fit the best different application scenarios.
  • The reference manuals allow developers to have a clear understanding of which methods are available, what input parameters are required for each method and the expected results of each.


System Limitations

Max number of destinations in a Send request25
Max number of outbound messages to return in a query25
Max number of inbound messages to return in a query25
eFolio maximum total file size4 MB
eFolio supported file typesPDF, PS, GIF, JPEG, PNG, HTML, RTF, TIFF, TXT
TTL: Time To Live. The time frame of the messages left in the Property's inbound messages9,999 seconds by default, if the user has not specified otherwise
Data saved in database timeframe - credit card data and security codeCurrent; no time limitation
Session timeout (IDLE timeout)15 minutes
Supported browsers - card display form and card capture formLatest version of Internet Explorer, Google Chrome and Safari

Password Restrictions

List of allowed characters in the password

2!Exclamation mark
3"Quotation mark
4#Number sign, Hashtag, Octothorpe, Sharp
5$Dollar sign
6%Percent sign
9(Left parenthesis
10)Right parenthesis
12+Plus sign
15.Full stop
16/Slash (Solidus)
18<Less-than sign
19=Equal sign
20>Greater-than sign
21?Question mark
22@At sign
23[Left Square Bracket
24\ Backslash
25]Right Square Bracket

CVV Storage Restrictions

PCI compliance guidelines state that CVV cannot be stored indefinitely. According to the compliance regulations, the CVV can only be stored until it is "used" - the definition of the CVV being "used" is based on your individual workflow.
In order to comply with the guidelines, we incorporate a CVV restriction policy which allows customers to set, with approved limits, the relay restrictions and storage period limits of the CVV that are stored in their tokens. This allows customers to match the CVV retention policy to their own individual workflows.

For more information, please read about managing CVV Restrictions.

Card Storage limitations

PCI Booking does not limit customers on how long cards can be stored. Customers can keep cards in the system for as long as required based on their needs and requirements - regardless of and information in the card itself (for example, customer can keep storing cards that have expired).

PCI Booking offers customers the ability to delete stored cards on demand (using our delete method or automatically as part of the CVV retention policy.

Updated 3 months ago


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.