Limited PCI Scope

How It Works

With this approach, merchants can tokenize and store payment card data, minimizing PCI compliance scope while maintaining control over payment processing.

  1. Provisioning Tokens – Obtaining a secure token for a transaction.
  2. Using Tokens – Utilizing tokens for payments, either in single-use or multi-use forms.

Note: Merchants must be PCI Level 1 compliant to implement this approach.

Provisioning Tokens

1. Tokenize card data

This step allows merchants to process payments while minimizing PCI exposure. The merchant sends card data to the PSP for authorization, then provisions a Forter token for secure storage.

The Forter token is then linked to a network token, ensuring enhanced security and enabling future transactions.

sequenceDiagram
    autonumber
    participant B as Buyer
    participant M as Merchant
    participant F as Forter Tokenization Server
    participant PSP as PSP
    
    B->>M: Pay {cardData}
    M->>PSP: Authorization {cardData, {3DSValues}}
    PSP-->>M: Response {authorizationOutcome}
    M-->>B: Payment Succeeded/Failed
    M->>F: Provision Forter Token {cardData}
    F->>F: Provision Forter Token {cardData}
    F-->>M: Response {forterToken}
    F->>F: Provision Network Token {cardData}
    F->>F: Bind Tokens {forterToken, networkToken}

2. Pay with Forter token

At this stage, the merchant uses the single-use token to complete a payment.

Once authorized, the transaction is completed, and the merchant may choose to upgrade the token for future use.

sequenceDiagram
    autonumber
    participant B as Buyer
    participant M as Merchant
    participant F as Forter Tokenization Server
    participant PSP as PSP
    
    B->>M: Pay {selectedCardIndex}
    M->>M: Retrieve Forter Token {selectedCardIndex}
    M->>F: Detokenize {forterToken}
    F->>F: Retrieve Network Token {forterToken}
    F->>F: Provision NT Cryptogram {networkToken}
    F-->>M: Response {networkToken, ntCryptogram}
    M->>PSP: Authorization {networkToken, ntCryptogram, {3DSValues}}
    PSP-->>M: Response {authorizationOutcome}
    M-->>B: Payment Succeeded/Failed

3. Upgrade

After a payment, merchants must upgrade a token to enable multi-use transactions, allowing future payments without requiring card re-entry.

Forter provides two options for generating a multi-use token:

  1. Network Token: Preferred by issuers, adds security, and increases approval rates.
sequenceDiagram
    autonumber
    participant M as Merchant
    participant F as Forter Tokenization Server
%%    participant FV as Forter Vault
    participant CN as Card Network
    
    M->>F: Upgrade to Multi-Use Token <br> {forterSingleUseToken, networkToken.provision=true}
%%    F->>FV: Retrieve Card Data {forterSingleUseToken}
%%    FV-->>F: Response {cardData}
    F->>CN: Provision Network Token {cardData}
    CN-->>F: Response {networkToken}
    F->>F: Create Multi-Use token {cardData, networkToken}
    F->>M: Response {multiUseToken} 
    M->>M: Save Forter Token {multiUseToken}
  2. Multi-Use Token without Network Token: If a network token isn’t available, Forter provides its own secure token.
sequenceDiagram
    autonumber
    participant M as Merchant
    participant F as Forter Tokenization Server
%%    participant FV as Forter Vault
    participant CN as Card Network
    
    M->>F: Upgrade to Multi-Use Token <br> {forterSingleUseToken}
%%    F->>FV: Create Multi-Use token {forterSingleUseToken}
%%    FV-->>F: Response {multiUseToken}
    F->>M: Response {multiUseToken} 
    M->>M: Save Forter Token {multiUseToken}

Using Tokens

Once a token has been provisioned, the merchant can use it for future payments. The method depends on whether a Network Token was issued.

Depending on how the token was created, there are two options for using the card:

  1. Using a Forter Token linked to a Network Token
sequenceDiagram
    autonumber
    participant U as Buyer
    participant CP as Checkout Page
    participant M as Merchant
    participant F as Forter Proxy
%%    participant FV as Forter Vault
    participant PSP as PSP
    participant CN as Card Network
    
    U->>CP: Pay with selected card
    CP->>M: Pay {selectedCardIndex}
    M->>M: Retrieve Forter Multi-Use token {selectedCardIndex}
    M->>F: Authorization <br> {multiUseToken, networkToken.provision=true}
%%    F->>FV: Retrieve Network Token {multiUseToken}
%%    FV-->>F: Response {networkToken}
    F->>CN: Provision Cryptogram {networkToken}
    CN-->>F: Response {cryptogram}
    F->>PSP: Authorization {cryptogram}
    PSP-->>F: Response {authorizationResult}
    F-->>M: Response {authorizationResult}
    M-->>CP: Payment succeeded/failed
    CP-->>U: Payment succeeded/failed

A cryptogram is a secure, time-sensitive authentication value that improves approval rates and security for network token transactions.

  2. Using a Forter Multi-Use Token (No Network Token)
sequenceDiagram
    autonumber
    participant U as Buyer
    participant CP as Checkout Page
    participant M as Merchant
    participant F as Forter Proxy
%%    participant FV as Forter Vault
    participant PSP as PSP
    
    U->>CP: Pay with selected card
    CP->>M: Pay {selectedCardIndex}
    M->>M: Retrieve Forter Multi-Use token {selectedCardIndex}
    M->>F: Authorization <br> {multiUseToken}
%%    F->>FV: Retrieve card data {multiUseToken}
%%    FV-->>F: Response {cardData}
    F->>PSP: Authorization {cardData}
    PSP-->>F: Response {authorizationResult}
    F-->>M: Response {authorizationResult}
    M-->>CP: Payment succeeded/failed
    CP-->>U: Payment succeeded/failed
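The following simulation, added here as an illustration and not Forter's own code or API, walks the whole lifecycle shown in the Provisioning Tokens steps (tokenize, pay, upgrade) and in both Using Tokens flows. All names (`MockTokenizationServer`, `run_lifecycle`, the `fst_`/`fmt_`/`nt_` prefixes, the PSP callable) and the card number are constructed for the example; the point it makes is that the merchant's store only ever holds tokens, a single-use token cannot be spent twice, and each authorization gets a fresh cryptogram.

```python
import secrets

class MockTokenizationServer:
    """Constructed stand-in for the tokenization server and vault: the only party holding card data."""
    def __init__(self):
        self._vault = {}  # forterToken -> {card, single_use, consumed, network_token}

    def provision_single_use_token(self, card_data):
        token = "fst_" + secrets.token_hex(8)
        self._vault[token] = dict(card=card_data, single_use=True, consumed=False, network_token=None)
        return token

    def _network_token(self, entry):
        if entry["network_token"] is None:  # stands in for the card-network provisioning call
            entry["network_token"] = "nt_" + secrets.token_hex(8)
        return entry["network_token"]

    def detokenize(self, token):  # step 2: {networkToken, ntCryptogram}, once for a single-use token
        entry = self._vault[token]
        if entry["single_use"] and entry["consumed"]:
            raise PermissionError("single-use token already spent")
        entry["consumed"] = True
        return self._network_token(entry), secrets.token_hex(8)  # fresh cryptogram per call

    def upgrade_to_multi_use(self, single_use_token, provision_network_token=True):  # step 3
        entry = self._vault[single_use_token]
        nt = self._network_token(entry) if provision_network_token else None
        multi = "fmt_" + secrets.token_hex(8)
        self._vault[multi] = dict(card=entry["card"], single_use=False, consumed=False, network_token=nt)
        return multi

    def authorize_via_proxy(self, multi_use_token, psp):  # Using Tokens: merchant never sees credentials
        entry = self._vault[multi_use_token]
        if entry["network_token"]:
            return psp(entry["network_token"], secrets.token_hex(8))  # network token + cryptogram
        return psp(entry["card"], None)                                 # no network token: card data

def run_lifecycle(card_data="4111111111111111", psp=lambda cred, crypt: "APPROVED", network_token=True):
    """Provision -> pay -> upgrade -> proxy authorization; returns what the merchant ends up holding."""
    server, merchant_store = MockTokenizationServer(), {}
    psp(card_data, None)                                         # 1. first authorization uses card data
    merchant_store["card0"] = server.provision_single_use_token(card_data)
    first = psp(*server.detokenize(merchant_store["card0"]))     # 2. pay with the single-use token
    try: server.detokenize(merchant_store["card0"]); reuse_blocked = False
    except PermissionError: reuse_blocked = True                 # a second spend of the token is refused
    merchant_store["card0"] = server.upgrade_to_multi_use(merchant_store["card0"], network_token)  # 3.
    later = server.authorize_via_proxy(merchant_store["card0"], psp)
    return {"store": merchant_store, "first": first, "reuse_blocked": reuse_blocked, "later": later,
            "pan_in_store": any(card_data in v for v in merchant_store.values())}
```

Passing a recording `psp` callable shows that after step 1 the PSP only ever receives a network token (or, in the no-network-token variant, card data forwarded by the proxy) and never the merchant's stored value.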