PCI Friendly API

From Payment Processing Software Library
(Redirected from PCI Exempt API)
Jump to: navigation, search

→ These API provide tokenization and sensitive data user interface encapsulation capabilities.

This article is part of the
Payment Processing Software Library


Get it...

Credit Card Software

Install it...

Upgrade & Migration

Connect to it...

Point Of Sale Integration

Set it up...

Quick Start Guide
Processor Setup


Learn to use it...

Manual & User Guide
Knowledge Base
Frequently Asked Questions
Compliance Guide
Merchant Account Rates
User Interface Guides

Fix it...

Errors & Troubleshooting
Knowledge Base
Corrupted Install Repair

Get Help...

Processor Support Contacts

More Info ...


See also...

911 Software

CreditLine Payment Processing Software PA-DSS Friendly API. This site can also be reached at http://docs.911software.com

Looking for better rates?   Get a Free Credit Card Processing Cost Comparison!


There are three ways, in which CreditLine can help your application eliminate exposure to the payment info:

  1. Our application pops up a custom UI for accepting and processing credit cards, debit cards or gift cards, so that your application does not have to.
    All aspects of the UI can be customized
  2. Recurrent credit card data is accepted, stored and processed through our custom UI, as well.
  3. Tokenization UI API is used to reference credit card data that is stored and encrypted within CreditLine, instead of your POS.

This way your application can claim that no credit card data is being stored or processed.

  • Important Notice: This program was called "PCI Exempt". We changed the name to reflect the new policies of the PCI Council. PCI Exempt used to be a convenient term that Point Of Sale developers use to refer to the practice of tokenization and external UI encapsulation. 911 Software does not have the authority to exempt any vendor from PCI requirements. Please, contact your independent PCI auditor for rules applicable to your situation.


To begin with, you will need the following:

  1. The interface header file CLCAPIW.h located in 911\BIN directory. This header contains the ENTIRE listing of available API.
  2. The library file CLCAPIW2.DLLlocated in 911\BIN directory.
  3. CLCUI.ini, CLCUI.exe and PIC Directory in 911\BIN directory.
    → If you use the version 4.1 Build 1101 SP7 and higher, please copy CLCUI.ini, CLCUI.exe and PIC directory to you application folder.

Language Specific Instructions

Visual Basic

  • In VB you need to declare all the parameters using the ByVal prefix instead of ByRef. This includes the strings.
  • If you would like to use an OCX instead for Visual Basic, you can use CLClient.ocx in the same directory. Another alternative is File Based Communication.

Public Declare Function clcInit Lib "CLCAPIW2.dll" (ByVal ClientName As String, ByVal ServerName As String As Integer)


  • The Header file is the regular WIN32 header file. The data type LONG is 32 bit.
  • In C, the path has to be of format "C:\\911\\DATA", because back-slash is the escape char

DllImport("CLCAPIW2.dll", EntryPoint="clcInit", SetLastError=true, ExactSpelling=true, CallingConvention=CallingConvention.StdCall)

public static extern int clcInit(string ClientName, string ServerName);


  • For .NET please use clcCs.dll and CLCAPIW2.dll from \911\BIN directory.
  • Keep in mind that in C# and any .NET environment for instance, LONG is 64 bit so you have to use int or Integer not LONG ot Long in your definitions.
  • The .NET interface is the same as C, with one exception: there is no clc prefix and you have to use an object.

    Example: the call
    clcSetMerchantIndex(hObj, index)' is obj.setMerchantIndex(index).

Encapsulation UI


We added "clcUI" functions in the client dll. For example, you can use clcUISale instead of clcSale. So instead of doing this:


You can do this:


A screen is going to pop up and prompt the user to swipe the card. This way, the POS application does not have to deal with the credit card data.



The following bitmaps in the 911\bin directory can be used to customize the appearance:

  • pic_Key_Common.png - buttons
  • pic_StoreCard_bg.png
  • pic_ScanCard_bg.png

Behavior and Appearance

\911\bin\clcui.ini file controls the behavior and appearance of the screens.

Programmatically, the following API controls the UI fields which can be found in \911\bin\clcui.ini file
for instance: clcUISetIniField( "RequireCustomerName", FALSE );

Debit Card Processing

The following API works for both credit cards and debit cards.
For debit card transactions, use clcSetAccountType to set the next transaction as type debit, before calling clcUISale

→ You can bring up a Credit/Debit selection dialog box automatically. To enable, look for CanSelectAccountType switch in 911\bin\CLCUI.ini file. Uncommenting it (removing the leading ;) and setting to YES will bring up the dialog box

Secure UI API

pop up UI, get cc data and process an auth
pop up UI, get cc data and process a sale
Encapsulation UI in action
pop up UI, get cc data and process a credit
pop up UI, get cc data and add tip
void transaction
Stores card info in #Secure Storage API. Sets a tag to be pased extracted by clcGetTag() and passed to clcLoadCard for retrieval. Leave the second parameter as "" unless you want to set a custom tag
Encapsulation UI in action

Gift Card Specific UI API

activate gift card
deactivate gift card
gift card balance inquiry
gift card balance inquiry


call after transaction such as clcUISale() to get the masked account number back (e.g. 4111xxxxxxxx3567), if needed for reporting purposes
call after transaction such as clcUISale() to get card code defined by the vendor in the Authorization setup of every card type. eg. VISA=VS


Other card info, such as Customer Name is available through #Secure Storage API (see Loading Info section)

Recurrent Charges

To store the card for monthly charges, call clcUIStoreCard. This function also pops up a screen for card number input. It then stores the card on 911 CreditLine Server and returns a tag (token) to the POS application.

Then this tag can be used in place of the actual card number:


CreditLine offers tokenization of payment info to make your application "PCI Friendly"

Secure Storage API

These are additional storage API that can be used in your POS in conjuction with the UI module or stand-alone.

Storing Info

  • clcSetAccountNum → Sets account number for storage (call before clcStoreCard).
  • clcSetExpDate → Sets (format: MMYY). Set the expiration date for storage before calling clcStoreCard.
  • clcSesSetValue → Use with CLCKEY_CUSTOMERNAME, CLCKEY_CUSTOMERNUMBER, CLCKEY_CUSTOMERZIPCODE to set the customer info for storage before calling clcStoreCard.
  • clcStoreCard → Stores card info in storage. Sets a tag to be pased extracted by clcGetTag() and passed to clcLoadCard for retrieval. Leave the second parameter as "" unless you want to set a custom tag.
  • clcGetTag → Retrieves the tag set by clcStoreCard

Loading Info

  • clcLoadCard → Loads card info from storage. Accepts the tag returned by clcGetTag and set by clcStoreCard.
  • clcGetAccountNum → Gets account number from storage (call after clcLoadCard).
  • clcGetExpDate → (format: MMYY). Get the expiration date from storage (call after clcLoadCard).
  • clcSesGetValue → Use with CLCKEY_CUSTOMERNAME, CLCKEY_CUSTOMERNUMBER, CLCKEY_CUSTOMERZIPCODE to get customer info from storage after calling clcLoadCard.

Deleting Info

  • clcDeleteCard → Deletes card info from storage. Accepts the tag returned by clcGetTag and set by clcStoreCard.



(Some samples, such as Java, may be found under the legacy folder)