Flex API is suitable for use cases that require access to the PAN in client-side code.
For example, you might use this API to detect gift cards and route them differently. You can also use the Flex API for native app implementations, which can qualify you for PCI DSS assessments based on SAQ A-EP . The Flex-SDK-Web SDK can help you with a Web-based client-side implementation of the Flex API.
Storing your customer’s card data can dramatically increase your repeat-custom conversion rate, but it can also add risk along with PCI DSS overhead. This burden can be mitigated by tokenizing card data. Cybersource will replace your customer’s card data with a token and store it so that it can only be used by you.