Choosing a Tokenization Method

Forter provides secure, PCI-compliant tokenization solutions for handling payment card data.

This guide helps you choose the right integration approach based on your PCI compliance needs.

Which Tokenization Solution is Right for You?

| Solution | Who is it for? | What it does | Compliance Scope |
| --- | --- | --- | --- |
| 🟢 Zero PCI Compliance (Hosted Fields + Proxy) | Merchants who want to avoid handling card data entirely | Forter collects and tokenizes card data before it reaches your system | Forter fully handles compliance |
| 🟡 Limited PCI Compliance (Direct API Integration) | PSPs & merchants who are already PCI compliant but want to reduce scope | Merchant collects card data and tokenizes it using Forter’s API | Merchant retains some compliance responsibilities |

⚠️ You only need to implement ONE of these methods. Choose based on your compliance and integration preferences.

1. Zero PCI Compliance (Hosted Fields + Proxy) – Recommended

Best for: Merchants who want zero PCI compliance obligations

How it Works

  • Implement Forter’s Hosted Fields on your checkout page.
  • Receive a single-use token when the customer submits payment.
  • Process the transaction using the token.
  • Upgrade to a multi-use token for recurring payments via the Upgrade API.

Additional Features:

  • Supports Network Tokenization (Set networkToken.provision = true)

Zero PCI Compliance quick start guide


2. Limited PCI Compliance (Direct API Integration)

Best for: PSPs and merchants who already have PCI compliance but want to reduce their scope.

How it Works

  • The merchant collects card data on the front end (checkout window) and sends it to Forter to obtain Forter’s PCI tokens before storage in the backend.
  • Forter passes card data via the Detokenization Proxy to the processor(s) when needed (i.e., in the Authorization step).
  • PCI scope is reduced, but some compliance obligations remain.

Additional Features:

  • Supports Network Tokenization (Set networkToken.provision = true)

Limited PCI Compliance quick start guide


Next Steps

  1. Decide between Zero or Limited PCI Compliance (Hosted Fields or Direct API Integration).
  2. Follow the corresponding Quick Start guide.