Recommendations and Best Practices

CyberSource Payouts RESTful APIs support most of the CyberSource features under e-commerce. When you use Payouts to accept payments, you might make use of many of these capabilities.
Your application must be PCI-compliant; you can reduce PCI scope by making use of CyberSource’s capabilities. You can incorporate the following recommended functions into your Payouts application. A typical transaction flow includes the following:
  1. Secure capture of payment account information including number, expiration date, and billing address. If originators are not PCI-compliant, they must use Secure Acceptance with TMS (see "Secure Acceptance with the Token Management Service").
  2. Use Account Lookup to check attributes of the account to determine if the account is eligible to receive payouts (see "Account Lookup").
  3. Ensure the validity of the payment card by performing a preauthorization transaction (see "Account Validation (Preauthorization)").
  4. Initiate the Payouts API transaction (see "Payouts API").
Back to top