Forter provides secure, PCI-compliant solutions for handling payment card data. This guide outlines integration options, best practices, and key considerations for implementing Forter’s card vaulting services.

Hosted Fields + Proxy

1. Collect Card Data Securely

Forter’s Hosted Fields enables secure collection of card data on the checkout page to remove PCI scope.

2. Process Payments Using a Token

Once the customer enters their payment credentials, Forter provides an agnostic single-use token (or "nonce") that can be used to process tokenized payments with any PSP. Refer to the Detokenization Proxy guide to learn how.

3. Upgrading to multi-use token (Optional)

To store a token for future transactions (e.g., saved cards or recurring payments), upgrade a single-use token to a multi-use token using the Upgrade API .

To upgrade to a multi-use network token, set networkToken.provision to true when calling the /upgrade endpoint.

Direct API Integration

🚧

This solution is compatible for PCI level 1 merchants only

Forter’s Limited PCI Compliance approach allows merchants to handle tokenized card data while limiting their PCI scope.

1. Tokenize Card Data

After collecting card details, generate a token using one of the following API calls:

• Multi-use token: Call the /tokenize endpoint .
• Single-use token: Call the /tokenize-single-use endpoint.

To generate a network token, set networkToken.provision to true when calling the /tokenize endpoint.

2. Detokenize for Payment Processing

When ready to process a payment, retrieve the original card details by calling the /detokenize endpoint, then proceed with payment processing.

3. Upgrading to multi-use token (Optional)

To store a token for future transactions (e.g., saved cards or recurring payments), upgrade a single-use token to a multi-use token using the Upgrade API .

To upgrade to a multi-use network token, set networkToken.provision to true on the upgrade API call.