Zero PCI Scope

how it works using this approach for forter tokenization solution, you can process payments without handling raw card details , reducing pci compliance scope and improving security provision tokens – obtain a secure token for a transaction use tokens – utilize token for payments, either in single use or multi use forms provision tokens collect card data this step ensures that you do not handle raw card data instead, the https //docs forter com/hosted fields sdk component securely transmits the card details to forter and returns a single use token single use tokens ensure security by preventing direct card data storage they are the first step before upgrading to a multi use token for future transactions sequencediagram autonumber participant u as buyer participant cp as checkout page participant hf as hosted fields participant f as forter tokenization server u >>hf insert card data {carddata} hf >>f send card data securely {carddata} f >>cp response {fortersingleusetoken} pay with forter token at this stage, you use the single use token to complete a payment sequencediagram autonumber participant u as buyer participant cp as checkout page participant m as merchant participant f as forter proxy participant p as network/psp u >>m pay {fortersingleusetoken} m >>f authorization {fortersingleusetoken} f >>p authorization {carddata} p >>f response {authorizationoutcome} f >>m response {authorizationoutcome} m >>cp payment succeeded/failed cp >>u payment succeeded/failed once authorized, the transaction is completed upgrade token (optional) after payment, you may https //docs forter com/reference/upgrade to multi use , allowing future payments without requiring card re entry forter provides two solutions for generating a multi use token 1 network token preferred by issuers, adds security, and increases approval rates sequencediagram autonumber participant m as merchant participant f as forter tokenization server %% participant fv as forter vault participant cn as card network m >>f upgrade to multi use token \<br> {fortersingleusetoken, networktoken provision=true} %% f >>fv retrieve card data {fortersingleusetoken} %% fv >>f response {carddata} f >>cn provision network token {carddata} cn >>f response {networktoken} f >>f create multi use token {carddata, networktoken} f >>m response {multiusetoken} m >>m save forter token {multiusetoken} 2 multi use token without network token if a network token isn’t available, forter provides its own secure token sequencediagram autonumber participant m as merchant participant f as forter tokenization server %% participant fv as forter vault m >>f upgrade to multi use token \<br> {fortersingleusetoken} %% f >>fv create multi use token {fortersingleusetoken} %% fv >>f response {multiusetoken} f >>m response {multiusetoken} m >>m save forter token {multiusetoken} use tokens once a token has been provisioned, you can use it for future payments the method depends on whether a network token was issued based on the way the token was created there are two different options for using the card 1\ use a forter token linked to a network token sequencediagram autonumber participant u as buyer participant cp as checkout page participant m as merchant participant f as forter proxy %% participant fv as forter vault participant psp as psp participant cn as card network u >>cp pay with selected card cp >>m pay {selectedcardindex} m >>m retrieve forter multi use token {selectedcardindex} m >>f authorization \<br> {multiusetoken, networktoken provision=true} %% f >>fv retrieve network token {multiusetoken} %% fv >>f response {networktoken} f >>cn provision cryptogram {networktoken} cn >>f response {cryptogram} f >>psp authorization {cryptogram} psp >>f response {authorizationresult} f >>m response {authorizationresult} m >>cp payment succeeded/failed cp >>m payment succeeded/failed a cryptogram is a secure, time sensitive authentication value that improves approval rates and security for network token transactions 2\ using a forter multi use token (no network token) sequencediagram autonumber participant u as buyer participant cp as checkout page participant m as merchant participant f as forter proxy %% participant fv as forter vault participant psp as psp u >>cp pay with selected card cp >>m pay {selectedcardindex} m >>m retrieve forter multi use token {selectedcardindex} m >>f authorization \<br> {multiusetoken} %% f >>fv retrieve card data {multiusetoken} %% fv >>f response {carddata} f >>psp authorization {carddata} psp >>f response {authorizationresult} f >>m response {authorizationresult} m >>cp payment succeeded/failed cp >>m payment succeeded/failed