Skip to main content
The Payments Library (@pcibooking/ewallet) is a client-side JavaScript SDK that handles card capture and payment processing in your checkout page. It renders secure payment forms, manages communication with PCI Booking’s servers, and supports multiple payment methods from a single integration point. For how the Payments Library fits into the overall tokenization flow, see Payments Library under Capture Cards.

Key Capabilities

  • Card payments. Render a secure card form (in popup or iframe mode) for credit and debit card entry with full 3D Secure support.
  • Digital wallets. Accept Apple Pay, Google Pay, PayPal, BankPay, and UPI alongside card payments on the same checkout page.
  • Multiple operations. Support for CHARGE, TOKENIZE, CHARGE_AND_TOKENIZE, PREAUTH_AND_TOKENIZE, and GATEWAY_TOKENIZE, depending on the payment method.
  • PCI compliance. Card data is captured inside PCI Booking’s secure environment and never touches your servers, keeping you out of PCI DSS scope.

How It Works

The Payments Library uses a session-based architecture with JWS (JSON Web Signature) signing for secure communication:
  1. Your server calls the PCI Booking API to create a session, specifying the operation type and amount.
  2. Your frontend initializes the Payments Library with the session token.
  3. The library renders payment method buttons and forms based on the session configuration and the customer’s device capabilities.
  4. The customer selects a payment method and completes the transaction.
  5. PCI Booking processes the payment and returns the result to your frontend callback.

Architecture

The Payments Library follows a client-server model where sensitive operations happen on PCI Booking’s servers and your frontend only handles the UI layer.
  • Session creation (server-side). Your backend calls PCI Booking’s API to create a session, specifying the operation type (CHARGE, TOKENIZE, CHARGE_AND_TOKENIZE, PREAUTH_AND_TOKENIZE, or GATEWAY_TOKENIZE), the PSP credentials, amount, and currency. PCI Booking returns a signed JWS session token.
  • Library initialization (client-side). Your frontend loads the @pcibooking/ewallet package and initializes it with the session token. The library verifies the token signature and configures itself based on the session parameters.
  • Payment method rendering. The library detects the customer’s device and browser capabilities, then renders only the payment methods that are available. For example, Apple Pay buttons appear only on Safari with a compatible device, and Google Pay buttons appear only in Chrome with a linked Google account.
  • Secure data handling. Card form fields are rendered inside PCI Booking’s secure environment (either an iframe or a popup). Card data is submitted directly from the form to PCI Booking’s servers. Your page never has access to the raw card data, keeping you fully outside PCI DSS scope.
  • Result callback. After the payment is processed (or the card is tokenized), PCI Booking calls your frontend callback function with the result, including the token, transaction status, and any error details.

Supported Payment Methods

The library supports six payment methods from a single integration point: CardPay (credit and debit cards with 3D Secure), Apple Pay, Google Pay, PayPal, BankPay (Open Banking / ACH), and UPI (India instant payments). Each method has different supported operations and device requirements. See Supported Payment Methods for the full comparison.

Credentials Setup

Each payment method requires credentials from the respective provider (Apple, Google, PayPal, etc.) stored in PCI Booking. See Payments Library Credentials for the full list of required credentials per method.

End-to-End Integration Example

This example shows the complete flow: creating a session on your server, loading the library on the client, and handling the payment result.

Step 1: Create a Session (Server-Side)

Step 2: Load the Library and Present Payment UI (Client-Side)

Step 3: Validate the Result (Server-Side)

Integration Guides

Setup

Install the library, create a session, and run a working example

Supported Payment Methods

All methods with browser support, device requirements, and supported operations

Library Reference

Full API surface: constructor parameters, methods, UI options, and operation types