The
Flex API
 enables merchants to accept customer payment information captured within a server-side application safely and securely using a set of APIs. These APIs protect your customer's primary account number (PAN), card verification number (CVN), and other payment information by embedding this information within a transient token. This allows payment data to be stored and transported while complying with the Payment Card Industry Data Security Standard (PCI DSS) policies and procedures. These transient tokens can be validated by the receiver to ensure the data integrity and protect against data injection attacks.
WARNING
Flex API
 is intended for server-side applications only. Do not use the
Flex API
 in client-side applications. To add secure payments directly into client-side code, use
Microform Integration
 or
Unified Checkout
.

How It Works

To capture payments using the
Flex API
:
  1. Establish a payment session with a predefined customer context
  2. Validate the JSON web token
  3. Populate the JSON web token with customer information

Customer Context

One of the important benefits of
Flex API
 is managing Personal Identifiable Information (PII). You can set up your customer context to include all PII associated with transactions, protecting this information from third-parties.