Request a Card Security Code Entry Form

The response of calling this method is the HTML content of the Card Security Code Capture Form itself (Click here for an example of the content). You can use the request URL either as the page URL that a customer is directed to or as the source URL of an iframe element on your page.

📘

Access Token Vs. Session Token

Between the two options of using the Access Token or the Session Token, we would recommend using the Access Token.

📘

Multiple Authentication Methods allowed

This method accepts multiple forms of authentication methods (Session Token and Access Token). If more than one authentication method is provided, the Session Token will take precedence.

📘

All URLs should be https.

📘

Please note to urlEncode all components!

📘

Duplicate Card Token

As a result of this form submission, the card details of the original token will be duplicated to a new token and the CVV data captured in this form will be added to the new token.
It is your responsibility to clear the original token that was stored in PCI Booking. If this token is not cleared, it will be charged the monthly storage fee.

📘

CVV Retention Policy

Remember to set the CVV Retention Policy for this token.

📘

Complying with Visa 3DS Authentication requirements

As of August 12th 2024, Visa requires all merchants performing 3D Secure authentication to send additional information for the purpose of the authentication. Many of these additional details are sent automatically, in the background, by our system, but there are some parameters that you will need to provide PCI Booking in your request - you would need to provide either the email address or the phone number of the person you are authenticating.

You will find two new additional parameters in this request to provide these values.

If you are using 3DS authentication, you MUST provide at least one of these values.