LogoLogo
BlogLogin
English
English
  • An Introduction to Saferpay
    • Licensing
      • Legacy licensing
    • Reconciliation
    • Acquirers & Payment Methods
    • Web Shop Plugins and certified partners
      • ePages Beyond
      • ePages NOW
      • Magento 2
      • Odoo
      • PrestaShop
        • PrestaShop User Guide
      • Salesforce Commerce Cloud
      • SAP Commerce Cloud
      • Shopware 6
        • Shopware 6 User Guide - German
        • Shopware 6 User Guide - English
      • WordPress WooCommerce
      • Shopify
    • Supported Languages
    • Common Saferpay terms - Glossary
  • News
    • Changes for transactions without customer presence
    • Changes for the Saferpay Hosted Forms, Fields and Payment Page
  • Quick Links
    • Web Shop Plugins and certified partners
    • Secure PayGate
    • User Administration
    • Payment Page Configuration
    • Risk Management
    • API Authentication
  • Interfaces
    • Payment API (aka JSON API)
    • Management API
    • Backoffice
      • The Home screen
      • Batch Processing
      • Transactions
        • Transaction Details
        • Batch Close
        • Declined transactions
        • Pending authorizations
        • Analytics
        • SEPA Refunds Export
        • Authorization & Payment
        • Credit
      • Risk Management
      • Secure PayGate / Payment Links
      • Secure Card Data
        • Secure Card Data Details
      • Settings
        • JSON API basic/Client Certificate authentication
        • User Administration
        • Payment Page Configuration
      • Online Support
      • User Profile
    • Saferpay OnSite
    • Feedback
  • Integration Guide
    • Integrating Saferpay
    • Ways of integration
      • General Information
        • Data Security and PCI DSS
        • Versioning
        • 3-D Secure
        • PSD2
        • Dynamic Currency Conversion
        • Iframe Integration and CSS
        • Fraud Intelligence
          • Silver
          • Fraud Intelligence Integration
      • Payment Page
        • Payment Page checklist
      • Transaction Interface
        • Recurring Payments
        • Refunds
          • SEPA Refunds
      • Capture and Daily Closing
        • Partial Captures
          • Marketplace
      • Secure Card Data - Tokenization
      • Saferpay Fields
      • Inquire Interfaces
      • Mobile Integration
      • Omni-Channel
      • Mail Phone Order
      • Error Handling
      • API Health Check
      • Saferpay API Specification
    • Payment Methods & Wallets
      • General and special cases
      • Account-to-Account Payments
      • Alipay+
      • Apple Pay
      • American Express
      • Bancontact
      • Billie
      • blik
      • Click to Pay
      • Diners Club International & Discover Card
      • eps
      • giropay
      • Google Pay
      • iDEAL 2.0
      • JCB
      • Klarna Payments
      • Maestro International
      • Mastercard
      • paydirekt
      • PayPal
      • PostFinance Pay
      • Przelewy24
      • Reka
      • SEPA Direct Debit
      • Sofort by Klarna
      • TWINT
      • UnionPay
      • Visa & V PAY
      • WeChat Pay
      • WL Crypto Payments
    • Testing
    • Go-Live
    • Frequently Asked Questions
    • Saferpay Demo
      • Saferpay Demo Environment
      • Saferpay Demo Shop
    • Support
    • Changelog
Powered by GitBook
On this page
  • Search Options
  • Adding an entry
  • Add a card
  • Add a bank account

Was this helpful?

  1. Interfaces
  2. Backoffice

Secure Card Data

PreviousSecure PayGate / Payment LinksNextSecure Card Data Details

Last updated 2 years ago

Was this helpful?

Secure Card Data is an extra module, that can be added to your existing contract.

Not all contracts include Secure Card Data, thus this menu may not be available to you.

Furthermore, Secure Card Data only includes the saving of card-data, but not its usage. To use the saved card data, you must have a .

Secure Card Data is usually already included in a Saferpay Business contract.

The processing of card data is heavily regulated by the Payment Card Industry Data Security Standard (PCI DSS) council, introduced by Visa and Mastercard. They write the rules, that dictate, how card data has to be processed and, more importantly in this case, saved. In order to be allowed to apply to these rules, certain requirements have to be met, like certain security-levels and more. However that usually also is very expensive as well as time- and resource-intensive, which is why most merchants cannot afford it.

While most of this process is happening on API-level, the Backoffice offers some overview about your card data store and the saved data within it.

Search Options

Per default, the Backoffice allows to directly search for an entry, using the card alias itself. However by expanding the advanced search, you can also use the card number, the owner name and more.

There are different ways, Secure Card Data can be used. This is just an example.

Adding an entry

While Secure Card Data is usually only used via the API, it is possible to manually add an entry. You can do so, by clicking on Add card, or Add bank account

Add a card

The following values must be set, in order to add a credit card to your secure alias store:

  • Alias: This is the Alias, under which the card will be referenced later. Make sure, that this entry is unique! Saferpay will only use the first entry in its database, should there be another, redundant entry.

  • Lifetime: This is the time in days, this entry will be valid. The default is 1000, the minimum 1 and the maximum 1600 days. The lifetime will always be measured from the last time, a transaction has been made with this alias. For example, if you have an entry, that is valid for 1000 days and no authorization has been made, until the 999th day, the lifetime will then count another 1000 days from that point onwards, or until it has been used again.

  • Owner name: The name of the card owner.

  • Card number: The card, number, or PAN, you want to save.

  • Expiration date: The expiration date of the card. Do not confuse this with Lifetime. Both are separate things.

Add a bank account

While technically not falling under PCI DSS, Saferpay also offers to save SEPA information inside its secure alias store, in the same way, cards are saved, expanding the benefit to SEPA direct debit.

Similar to a credit card, a bank account needs the following data-points:

  • Alias: This is the Alias, under which the card will be referenced later. Make sure, that this entry is unique! Saferpay will only use the first entry in its database, should there be another, redundant entry.

  • Lifetime: This is the time in days, this entry will be valid. The default is 1000, the minimum 1 and the maximum 1600 days. The lifetime will always be measured from the last time, a transaction has been made with this alias. For example, if you have an entry, that is valid for 1000 days and no authorization has been made, until the 999th day, the lifetime will then count another 1000 days from that point onwards, or until it has been used again.

  • Account Holder: The name of the bank account owner.

  • IBAN: The International Bank Account Number, of this bank account.

This is where Secure Card Data comes in. It allows you to save card data in the , without the need of an expensive certification, giving you a so called card alias, referencing the actual card, on the Saferpay systems. Each alias is only usable on your account, thus limiting the dangers, in case of a data-breach.

In this example, Saferpay will list all your aliases, that correspond to one specific PAN. In General, the Information includes the Alias itself, the Owner Name, the masked card number, the expiration date, the creation date of the entry, the last time the alias has been used for a transaction and its lifetime, going from the last authorization, in days. Furthermore, it also indicates, if this Alias has been fully authenticated through 3D Secure, or not. Something, that is very important . This will be explained in further detail in the chapter.

For example, it is possible to use Secure Card data in a way, that .

Saferpay Secure Alias Storage
under PSD2 law
Secure Card Data Details
Saferpay Business License
(click to enlarge)
(click to enlarge)
(click to enlarge)
only one Alias per PAN is permitted