Show Card IFrame API
JavaScript API to work with the Card Show Iframe
Last updated
JavaScript API to work with the Card Show Iframe
Last updated
To show cards in a PCI safe way you can use the Show Card method. This method will return a HTML Page with credit card information that you can show to your end users.
No sensitive data will touch your servers and you will remain out of scope.
Requirements to use Iframe
Generated iframe link should be passed to the user so iframe would be loaded on the client side; it's not allowed to view them on server-side for any purposes (like printing or scraping)
2fa for login into the system or 2fa for viewing the card should be implemented; User password retyping does not qualify as 2fa.
All view requests should be logged on your side so you will know which user is trying to view the card. Ideally you need Username, timestamp, card viewed, IP address, location of IP.
We will disable view_card functionality on your account if our monitoring system detects suspicious activities on your account until further investigation.
Arguments
| Argument | Description |
|---|---|
Vaultera PCI will return a HTML page where the user can see the
Card Number
Expiration Date
Card Type
Cardholder Name
Service Code (CVV, CVC) Button
To be able to see Service code (CVV), you should provide the service_code_token which will be used to request Service Code.
Service Code will be hidden by a button, by clicking this button the user will load Service Code and it will be immediately removed from Storage.
Our iframe to show card information makes the user click to see the service code (CVV/CVC). This is helpful because once it is viewed it must be deleted.
Supported languages: de, en, el, es, is, it, pt, ru.
If you need custom language please contact support.
Card show iframe can be customized with your own CSS to match your needed look and feel. Custom styles can be added to your account by contacting support.
card_token
Card token at Vaultera.PCI
session_token
One-off Session token with scope show_card
service_code_token
One-off Session token with scope show_service_code to show Card Service Code
lang (optional)
Override default language
style (optional)
Additional custom CSS styles