Developer Guide Menu

Flex Microform 0.11

Flex Microform replaces the card number input field with a Cybersource-hosted page that and calls the Flex API on your behalf.
You can style this page to look and behave like any other field on your website, which might qualify you for PCI DSS assessments based on SAQ A.
Flex Microform provides the most secure method for tokenizing card data. Sensitive data is encrypted on the customer’s device before HTTPS transmission to Cybersource. This method reduces the potential for man-in-the middle attacks on the HTTPS connection.

How It Works

The Flex Microform JavaScript library enables you to replace the sensitive card number input field with a secure iframe (hosted by Cybersource), which captures data on your behalf. This embedded field will blend seamlessly into your checkout process.
When captured, the card number is replaced with a mathematically irreversible token that only you can use. The token can be used in place of the card number for follow-on transactions in existing Cybersource APIs.

PCI Compliance

The least burdensome level of PCI compliance is SAQ A. To achieve this compliance, you must securely capture sensitive payment data using a validated payment provider.
To meet this requirement, Flex Microform renders secure iframes for the payment card and card verification number input fields. These iframes are hosted by Cybersource and payment data is submitted directly to Cybersource through the secure Flex API, never touching your systems.

Browser Support

  • Chrome 37 or later
  • Edge 12 or later
  • Firefox 34 or later
  • Internet Explorer 11 or later
  • Opera 24 or later
  • Safari 10.1 or later