PCI Tokenization and Encapsulation
| This article is part of the
Payment Processing Software Library
|Connect to it...|
|Set it up...|
|Learn to use it...|
|More Info ...|
→ Not finding all the answers? Try Knowledge Base!
PA-DSS Friendly Integration Options
With 911 Software CreditLine Payment Processing Software you have the option to make your application PCI Friendly by removing any interaction (including user interface entry) with the sensitive cardholder data from your application.
Contrary to the popular opinion, offsite storage of payment processing data (e.g. Shift4, SDC) does not free the end-user from the liabilities of handling credit cards. The cards are still handled at the store and the credit card data is still being transmitted. Because of that the merchant remains in the PCI scope. The additional cost of gateway processing does not justify the benefits.
911 Software Crediline offers the best value in "PCI Friendly" technologies by offering both the ability to be "ISO Friendly" and processing through the clearing houses directly, and the benefit of removing any and all secure payment information handling from the client's Point Of Sale source code.
- Important Notice: This program was called "PCI Exempt". We changed the name to reflect the new policies of the PCI Council. PCI Exempt used to be a convenient term that Point Of Sale developers use to refer to the practice of tokenization and external UI encapsulation. 911 Software does not have the authority to exempt any vendor from PCI requirements. Please, contact your independent PCI auditor for rules applicable to your situation.
CreditLine has secure tokens interface that allows you to securely store the credit card information for later processing.
External Payment Info Entry Encapsulation
CreditLine offers a way for the client's code to receive the token without actually touching credit card information by externalizing all of the sensitive input processing to CreditLine.
Payment Info Entry Encapsulation covers all transation types, including recurrent payments.
The cards can also be stored for future reference.
All type of cards are supported, including credit, debit and gift.
By using all of the methods above, you will be able to answer NO to the "do you store and/or processes credit card info?" question. This will result in significant compliance development savings.
The PCI Friendly API also offers a comprehensive set of card storage API.
Please see PCI Friendly API for a full list of available API