Secure Acceptance Flexible Token enable implementation of the highest level of security while retaining full control of the user experience.
Flexible Token API sends encrypted card data direct to CyberSource, in a restful call to the /tokens resource.
For web based applications, Microform helps ensure code does not touch card data.
There is an alternative if a direct connection is required to the underlying API.
Native app experiences where a web view is not desirable
Web experiences where client-side access to the card number is needed. “An example could be to differentiate between gift cards and payment cards.”
Three party models where a PCI DSS compliant third party needs to securely create tokens within a CyberSource token vault.
Flexible Token API flow is largely the same as Microform, with the exception being capture, encryption and POSTing of card data is self-implemented to CyberSource.