Universal Payment Gateway

With the PCI Booking API for universal payment gateways, developers can easily use a variety of payment gateways for processing credit cards. PCI Booking offers the ability to process charges on cards tokenized with PCI Booking and on full credit card details provided in the charge request.

All you need to do is to integrate once with PCI Booking API. Select your preferred payment gateway by configuring your account or by specifying the desired payment gateway in your request.

In order to get started, please set up an account with your preferred payment gateway. Then retrieve the required authentication credentials for that account.

If you don't see your preferred payment gateway, please contact us.

When requesting to add a new payment gateway, you will be asked to provide the following:

  • Name and web site of the payment gateway
  • A link to the English version of the integration manual for this payment gateway
  • Either a test account for our developers to use for developing the integration or explanation as to how to register for a test account.

Typical Use

Any merchant collecting payments via a payment gateway can use PCI Booking’s generic integration API to connect to current or new payment gateways.

Methods available for the universal payment gateway

ActionProcessMethod reference
Query for available payment gatewaysThe request will produce a list of supported payment gateways, and the description of the credentials. No authorization is required.Get Payment Gateways
Process card using a tokenThe request will send one of the operations to the payment gateway with the card details stored in the PCI Booking token. (see the operations list, below)Process Payment Gateway Transaction
Process card using full card detailsThe request will send one of the operations to the payment gateway with the card details provided in the request. (see the operations list, below)Process Payment Gateway Transaction

The merchants can use the following operations:

  1. Pre authorization: This operation will be used to authorize a credit card payment. It will not charge the card.
  2. Capture a previously authorized credit card payment: This operation will be used to charge a credit card after the card has already been pre authorized.
  3. Charge: This operation will be used to authorize and capture a credit card.
  4. Refund: This operation will be used to refund a customer.
  5. Void: This operation will be used to cancel a pre-authorizations that has not been settled yet.
  6. Tokenize: This operation will be used to send the card to be stored with the payment gateway and generate their own token.
    Please note:
    1. The tokenization operation will not trigger a charge, it will simply store the card and generate the token.
    2. You will still have the card stored in PCI Booking - if this is no longer needed, you may want to consider delete the card from PCI Booking.

Operation status from the payment gateway

An operation may have one of the following statuses:

  • Accepted - The payment gateway accepted the request.
  • Success - The operation was successful.
  • Rejected - The operation was rejected by the payment gateway.
    The response will contain the payment gateway description and the acquirer's bank description.
  • TemporaryFailure - The process has failed. The merchant can retry.
  • FatalFailure - The process has failed.

Transaction Flow

  • Collect the card details that should be charged:
    • If you will be using the PCI Booking tokenization service to store the cards, you will need to first tokenize a card. Find out more in our Inbound Methods documentation.
    • If you will be submitting the full card details in the request, it will be up to you to collect and store the card details.
  • Use the Get Payment Gateways method to retrieve the list of payment gateways already integrated in PCI Booking.
  • Submit the Payment Gateway Transaction request with your chosen payment gateway and the token that should be charged.
  • Process the response from the payment gateway.
  • Optionally, if you are storing cards in PCI Booking, you can add business logic based on the current status of the CVV retention policy

Authentication with the payment gateways

PCI Booking supports two methods of authentication with the payment gateways:

  • Authentication using username and password
  • Authentication using client certificate

PCI Booking also allows you to store in our vault the credentials for yourself or your customers (read more).

The type of authentication to be used is based on the specific requirements of each payment gateway that you choose to use.

Production vs. Sandbox usage of payment gateways

PCI Booking offers its customers the option of developing and testing their environment with a free sandbox account.
Most payment gateways also have a sandbox or test environment to allow customers to test their integrations.

When sending a request to a payment gateway from a sandbox account in PCI Booking, the request will be automatically sent to the sandbox or testing environment of the specified payment gateway. The credentials provided in such a request must then also be for an account within the sandbox environment of the payment gateway.

Integration certification with payment gateways

Some payment gateways require that the integration undergo a certification process to ensure that it was done properly. PCI Booking attempts to perform this certification as part of the process of creating the integration. In most cases, the payment gateway would require you to provide them with the certification of the integration prior to opening an account for you in their system.

Below you will find the list of payment gateways to which we have performed integration certification. If the payment gateway that you would like to use is requesting an integration certification and is on the below list, please contact us and we will proceed on the discussion with the payment gateway.