Secure Acceptance with the Token Management Service

CyberSource Secure Acceptance and Token Management Services (TMS) can be used to reduce the PCI compliance scope for your organization. TMS tokens can be used for traditional transactions that withdraw funds from a payment account or for Payout transactions that transfer funds to a payment account.
PCI compliance is required for participants in CyberSource Payouts. This compliance includes securely capturing and storing payment account information.
For information about how to implement Secure Acceptance or TMS, see the documentation for these services:
  • For a merchant to use Secure Acceptance with CyberSource Payouts, the merchant must participate in the Tokenization Management Service. The only supported Secure Acceptance flow is Create a Payment Token. One-click Checkout and Silent Order Post are NOT supported for CyberSource Payouts.
  • TMS refers to tokens as subscription IDs. Tto see the token, navigate to
    Recurring Subscription Info > Subscription ID
  • When submitting payout requests using the subscription ID (token), the merchant sends the
    Recurring Subscription Info
    data block containing the subscription ID. The merchant would not send the
    data block or any of the card data elements. Card data is retrieved from the vault using the provided subscription ID.
  • Secure Acceptance also provides the option to bundle services listed below to get payment account attributes and check the validity of the payment card.
Back to top