Developer Guide Menu

Flex Microform

Flex Microform is a CyberSource-hosted page that replaces the card number input field and calls the Flex API on your behalf.
You can style this page to look like and behave the same as any other field on your website. This might qualify you for PCI DSS assessments based on SAQ A .
Flex Microform provides the most secure method for tokenizing card data. Sensitive data is encrypted on the customer’s device before HTTPS transmission to CyberSource. This method mitigates any compromise of the HTTPS connection by a man-in-the-middle attack.

How It Works

Flex Microform allows you to focus on creating the best possible checkout experience for your customers.
The provided JavaScript library enables you to replace the sensitive card number input field with a secure iframe (hosted by CyberSource), that captures data on your behalf. This embedded field will look and feel just like any other input in your checkout process, allowing you to create a smooth, user-friendly experience.
When captured, the card number is replaced with a mathematically irreversible token that can be used only by you. The token can be used in place of the card number for follow-on transactions in existing CyberSource APIs.

PCI Compliance

The least burdensome level of PCI compliance is SAQ A. To achieve this compliance, sensitive payment data must be captured securely by a validated payment provider.
To meet this requirement, Flex Microform renders a secure iframe containing the card number input. This iframe is hosted by CyberSource and payment data is submitted directly to CyberSource through the secure Flex API , thus never touching your systems.
As user experience is an integral part of any modern e-commerce application, we provide all the tools required to blend seamlessly with your checkout experience. Various event hooks and styling options are available to facilitate, maximizing customizability without compromising PCI compliance.

Browser Support

  • Internet Explorer 11 or later
  • Edge 13 or later
  • Firefox 21 or later
  • Chrome 11 or later
  • Safari 6.1 or later
  • Opera 15 or later
Top