Tokenization
Tokenization is a process to convert card number and expiry date into a unique alphanumeric string (eg. 5a04127fbe64ae7e487f8c55
) called token. This token represents the buyer’s card details, so that you do not have to handle the real credit card information. This reduces your PCI-DSS scope and enhances security.
Tokenization happens on the front-end, such as browser or mobile app. When tokenizing, public API key is used. Xendit offers single-use or multiple-use tokens, based on your business needs.
Single Use Token | Multiple Use Token |
---|---|
Valid for only one transaction | Valid for multiple transactions |
Token is unusable after one transaction is completed | Once the card details have been tokenized once, this do not be repeated for future charges |
Expires when the card expires | Expires when the card expires |
The chart below shows a typical tokenization flow:
![](/_next/image?url=https%3A%2F%2Fstatic.xendit.co%2Fxendit-docs%2Fa9125230-562d-4205-9c43-c427d85f3ee6%2F2021%2F7%2F27%2F33127265-ba0b-45f7-87d5-e39ab9c7248a%2Fwp-content-uploads-2019-11-cc-tokenization-flow.png&w=1200&q=75)
Last Updated on 2023-09-15