Online payments

Card encryption - verifone.js

Last updated: 13-Mar-2024
Download as PDF

Overview

The verifone.js library is a quick and secure way to collect sensitive credit card data. This allows users full control over the checkout experience while maintaining a minimum SAQ A-EP level. The user receives an encrypted card block, which can be used to process a payment.

Availability

verifone.js is available for all Verifone merchants who use the Payments API of Verifone or process their payments using an external party.

Benefits

The verifone.js solution offers:

  • Full ownership over merchant payment flow
  • Reduced complexity for PCI DSS compliance
  • Seamless integration into an existing checkout page, regardless of the stack used

Supported browsers

  • Chrome
  • Firefox
  • Edge
  • Safari
  • Opera
  • Brave

How it works

workflow

Integration steps

An account is created in Verifone Central by a Verifone employee.

 The onboarding is done with a  Secure Card Capture Key on Verifone Central.

To integrate verifone.js in your Checkout page, follow these steps: 

  1. Load verifone.js in the <head> of your Checkout page, where the card form is shown.
<script src="https://cst.jsclient.vficloud.net/verifone.js"></script>

Sandbox environment:

Production environment: 

2. Define the Secure Card Capture Key.

var encryptionKey = "SecureCardCaptureKey"

3. Collect the card data and place it into a JSON object.

Card schema

Parameter name Type Required/Optional Description
cardNumber String Required* Numeric value with no spaces or separators allowed between the digits
expiryMonth String Optional Numeric value with length 2. e.g., March -> 03
expiryYear String Optional Numeric value with length 2, e.g., 2028 -> 28
cvv String Optional Numeric value with length 3 or 4
svcAccessCode String Optional

Numeric value with length up to 8

PIN number of non-PCI cards (e.g.: Gift Cards)
   *cardNumber is required for getEncryptedCardDetails method and optional for encryptCard
var card = {
"cardNumber": "4000000000001091",
"expiryMonth": "03",
"expiryYear": "28",
"cvv": "123"
}

4. Invoke verifone.js to encrypt the card using encryptionKey

var encryptedCard = await verifone.encryptCard(card, encryptionkey)
 

verifone.encryptCard returns a Promise. Not all browsers support using async-await. Consider this in your integration.

 

Alternatively, if you would like to receive additional data regarding the card, such as expiration date and limited card digits use the function below:

var encryptedCard = await verifone.getEncryptedCardDetails(card, encryptionkey)

5. [Optional] To initiate a payment using the Payments API, use the encryptedCard parameter alongside the public key alias of the encryption key:

POST /v2/transactions/card
{
   amount: 3252,
   encrypted_card: encryptedCard,
   public_key_alias: K9,
   ...
}
Rate this article:
Download as PDF

Need help?

Do you have a question? If you didn’t find the answer you are looking for in our documentation, you can contact our Support teams for more information. If you have a technical issue or question, please contact us. We are happy to help.

Get in touch

Not yet a Verifone customer?

We’ll help you choose the right payment solution for your business, wherever you want to sell, in-person or online. Our team of experts will happily discuss your needs.

Contact sales Get Started
Verifone logo