0
votes

I am designing an E-commerce web application, where I am going to accept CUSTOMER'S CREDIT CARD DETAILS with Expiry date. But I don't want to store these details at my side due to security concerns. So, Is there any any service exists or any ways by which I can make API calls with card details and that service will store that card details. And after It will provide me the same details whenever needed..??? Is there any API's available?? I don't want to make payment, I just want to verify and store Card Details and want to retrieve that information whenever needed. NOTE : I have checked BrainTree VAULT for the same but they are not providing Only verification and storage of CC details..

1

1 Answers

0
votes

No. These payment service providers (BrainTree, PayPal and so on) have all passed PCI-DSS compliance, which guarantees that cardholders details are protected. Part of the PCI-DSS compliance is a promise that the card details are not shared with any other non-PCI compliant company

So the reason you can't obtain raw card details back is because you are not PCI compliant.

You shouldn't ever need to return raw card details though. To maintain security you should be using the payment service provider to perform authorisation and settlement of charges using card token values (which the service provider returns when you store a card)