ProductsDeveloperSupport
Guides

Data Vault Tokenisation

Suggest Edits

Creating a token

If you use a HTML form to initiate the payment, you can send the parameter hosteddataid together with the transaction data as a unique identification for the payment information in this transaction.

Depending on the payment type, credit card number and expiry date or IBAN and account holder name will be stored under this ID if the transaction has been successful. In cases where the submitted hosteddataid already exists for your store, the stored payment information will be updated.

If you want to assign multiple IDs to the same payment information record, you can submit the parameter hosteddataid several times with different values in the same transaction.

If you prefer not to assign a token yourself but want to let the Gateway do this for you, send the parameter assignToken and set it to ‘true’. The Gateway will then assign a token and include it in the transaction response as hosteddataid.

If you have use cases where you need some of the tokens for single transactions only (e.g. for consumers that check out as a “guest”, use the additional parameter tokenType with the values ‘ONETIME’ (card details will only be stored for a short period of time) or ‘MULTIPAY’ (card details will be stored for use in future transactions).

Using a token

If you stored cardholder information using the token, you can perform transactions using the hosteddataid without the need to pass the credit card or bank account data again.

Please note, that it is not allowed to store the card code (in most cases on the back of the card) so that for credit card transactions, the cardholder still needs to enter this value. If you use Fiserv's hosted payment forms, the cardholder will see the last four digits of the stored credit card number, the expiry date and a field to enter the card code.

When using multiple Store IDs, it is possible to access stored card data records of a different Store ID then the one that has been used when storing the record. In that way you can for example use a shared data pool for different distributive channels. To use this feature, submit the Store ID that has been used when storing the record as the additional parameter hosteddatastoreid.

Avoiding duplicate cardholder data for multiple records

To avoid customers using the same cardholder data for multiple user accounts, the additional parameter declineHostedDataDuplicates can be sent along with the request. The valid values for this parameter are ‘true’/’false’. If the value for this parameter is set to ‘true’ and the cardholder data in the request is already found to be associated with another hosteddataid, the transaction will be declined.

Updated 19 days ago

API Products

Point of Sale

Developer

Resources

Contact Cookies Privacy Notice Legal

Copyright© 2024 Fiserv. All rights reserved.

First Data Europe Limited, is a subsidiary of Fiserv, Inc. and is trading as Fiserv. First Data Europe Limited, is a private limited company incorporated in England (Company Number 02012925) with a registered address at Janus House, Endeavour Drive, Basildon, Essex, SS14 3WF. First Data Europe Limited is authorised and regulated by the UK Financial Conduct Authority (FCA Register No. 582703; CCA No. 739230). All trademarks, service marks, and trade names referenced in this material are the property of their respective owners.

v1.11

Want a quick overview?