Tokenization is a process to convert the card number and expiry date into a token, which is represented by a unique string (eg. 5a04127fbe64ae7e487f8c55). This token represents the buyer’s card details, so that you do not have to handle the real credit card information. This reduces your PCI-DSS scope and enhances security.
Tokenization happens on the frontend, such as the browser or mobile app. When tokenizing, the public API key is used. Xendit offers single-use or multiple-use tokens, based on your business needs.
|Single Use Token||Multiple Use Token|
This chart shows a typical tokenization flow.
- How long is the multiple use token stored for?
Until the card expires.