The HostedPCI tokenization and payment vaulting services are the core of the business that we provide to merchants for all of their online payment needs. The tokenization process replaces the credit card PAN with a secure token. The token is 16 digits in length and also keeps the first four and last four digits of the card to make it easier for Merchants to verify a customer’s card. The real credit card is then stored within a HostedPCI secure vault. Each merchant receives their own staging vault and live vault to keep their information separate from all other merchants.

The token that is used by Hosted PCI looks like a real credit card. The first 4 digits and the last 4 digits of the token match those of the credit card number, but in fact, the token is not a real credit card number. By default, the token fails MOD 10 (Modulus 10) LUHN checks. The combination of the tokens is customizable according to the needs of the merchants. The available combinations are 4+8+4, 1+11+4, and 6+6+4.

HostedPCI provides Merchants with 3 ways to collect and tokenize the credit card data. The first and most common is the HostedPCI iFrame which is used by e-commerce merchants to collect the credit card through their checkout page and provide them with a token along with the customer details. The second is the IVR which is used for collecting the credit card over the phone while keeping both the agent and any recording out of PCI scope. The last option is our API tokenization, this is used by Merchants who collect the credit card themselves however would like to store the cards within a third-party vault.

Once HostedPCI has collected the credit card using one of the methods listed above it is then stored within a Merchant specific designated vault. All Merchant’s receive their own staging and production vault completely separate from all other Merchants that use our solution. Each vault is set up as it’s own environment which means that tokens can not be interchanged between vaults, this means that each set of tokens created within a vault is for that vault only and can not be used in any other vault. This logic ensures that each Merchants data is securely stored and can not be accessed by anyone who does not have the specific token generated by your iFrame and API credentials.

The HostedPCI Tokenization and vaulting solution is independent and durable which means it can be used with any payment gateway which is on our list of supported gateways. For more information on our vaulting solutions please contact us.

Send us email

This contact form is deactivated because you refused to accept Google reCaptcha service which is necessary to validate any messages sent by the form.

Case Studies