Multiple Payment Processor Tokens

June 6, 2019

An order management service (OMS) website accepts orders for multiple companies. Each order may contain purchases from multiple companies. The OMS forwards orders to each company. Each company uses a different payment processor.

Goal

Remove credit cards from the order management service’s environment while providing each company with a token specific to their payment processor.

Solution

The order management service (OMS) uses an HTML iFrame hosted on the PCI-compliant AuricVault® servers to collect and tokenize the customer’s credit card number.

The OMS then makes multiple calls to the AuricVault® service and uses the Token Swap option to create processor-specific tokens for each company.

The OMS forwards the processor-specific tokens in the company’s order.

The OMS does not need to integrate with each payment processor — just integrate with the AuricVault® service. The single Token Swap interface reduces integration complexity.

Data Flow

Token Swap dataflow.

 

The Token Swap data flow.

The company has already created AuricVault® tokens while collecting inbound orders.

  1. The Order Management service sends an AuricVault® token to the AuricVault® Token Swap option and requests a token for a specific payment processor.
  2. The Token Swap option detokenizes the credit card account number, forwards it to the proper payment processor, and receives a processor-specific token back.
  3. The AuricVault® service returns the processor-specific token to the Order Management service.
  4. The Order Management service forwards the order containing the processor-specific token to the appropriate company.

Security

The AuricVault® service's Token Swap option completely removes the credit card number from the OMS data flow. The end-company receives the secure payment-processor specific token.

Have Questions?

Contact Us

1,000 character limit.

By submitting your name, email address, phone number, and message, you are permitting us to contact you by these means in response to your inquiry or feedback. You also acknowledge that you have read our Privacy Statement and that you consent to our processing data in accordance with it.