Introduction
is a complete payment processing platform provided by CardConnect, a leading payment service provider. It offers solution for accepting and managing various types of payments, including credit cards, debit cards, and electronic checks. It uses special technology to protect sensitive payment data, which keeps it safe from fraud and unauthorized access.
Release 7.1 includes CardPointe payment gateway integration with Aptify Web, Aptify Smart Client and Aptify e-Business applications.
Release 7.1 implementation focuses on two modules as mentioned below:
CardPointe Gateway
The CardPointe Gateway API uses RESTful web services to implement create, read, update, and delete (CRUD) functions.  In Aptify 7.1, wrapper has been created over CardPointe Gateway APIs which is responsible for sending the authorization header, and Merchant ID to CardPointe. All the requests to CardPointe from Aptify are directed ONLY through this layer. Whether it is Aptify Web, Smart Client (Desktop) application, or e-Business, they all utilize this wrapper to initiate API calls to CardPointe, ensuring that the authorization process occurs at CardPointe.
The RESTful services provided for performing various functions are as follows:
- Authorization (PUT/POST): Authorization is the initial step used for accepting payment from a cardholder. This action "authorizes" or requests permission from the bank to transfer money from the cardholder to the merchant.
- Authorization and Capture: This service combines the authorization and capture steps.
- Capture: The capture service queues the transaction amount for settlement. Capture can occur within the authorization request or as a subsequent request. In this case, Capture is a subsequent request.
- Void: This service is used to cancel a transaction.
- Refund: This service is used for refunding transactions that have been settled previously.
Hosted iFrame tokenizer
The Hosted iFrame Tokenizer provides a secure hosted web form with input fields necessary for the site visitors to enter their sensitive payment data. This page is incorporated into the site visitor's own web page using an HTML iFrame (an inline frame which is used to embed another document within the current HTML document).
Below is the flow of the events that take place in this process:
- Site visitors enter sensitive payment data into the fields of the embedded iFrame and the data is passed securely to CardSecure for tokenization.
- The tokenized value generated by CardSecure is returned to the web page through the iFrame, and is not considered sensitive in nature.
- This token is stored and used in a subsequent call to the CardPointe Gateway to process the payment.
- The iFrame hosted on CardPointe website is loaded in an HTML page within Aptify. This iFrame has input fields to capture payment details from the user, like Credit Card No, Card Expiration, CVV (optional).
- CardPointe controls all the actions performed in the iFrame. The data is not accessible to Aptify, making the payments secure.
- For the Payment Details entered in the iFrame, CardPointe returns a Tokenized Card No. This tokenized card number is Secure and is Safe to store and could be used for the transactions with CardPointe.
- The generated token is used in place of Card Number, and is sent to CardPointe using regular APIs that perform transactions like Auth, AuthCapture, Capture, etc.
Hence, the iFrame Tokenizer can be perceived as a Token Generator form which interacts with CardPointe securely without the need of changing the underlying APIs.
Benefits
Below are some of the advantages of CardPointe:
- Compliance and Regulations: CardPointe adheres to industry standards and compliance requirements. The CardPointe has been integrated with Aptify via Hosted Payment Pages or iFrame tokenizer that helps to reduce PCI liability.
- Multi-Currency support: CardConnect accepts multiple currencies facilitating international transactions. 
- Enhanced Security: Cardpointe uses encryption and tokenizer technology ensuring the secure handling of sensitive payment data, reducing fraud and unauthorized access.
For information on setting up CardPointe in Aptify, refer to Setting up CardPointe with Aptify document.
Comments
Please sign in to leave a comment.