Card encryption - verifone.js
Overview
The verifone.js library is a quick and secure way to collect sensitive credit card data. This allows users full control over the checkout experience while maintaining a minimum SAQ A-EP level. The user receives an encrypted card block, which can be used to process a payment.
Availability
verifone.js is available for all Verifone merchants who use the Payments API of Verifone or process their payments using an external party.
Benefits
The verifone.js solution offers:
- Full ownership over merchant payment flow
- Reduced complexity for PCI DSS compliance
- Seamless integration into an existing checkout page, regardless of the stack used
Supported browsers
- Chrome
- Firefox
- Edge, IE 11+
- Safari
- Opera
- Brave
Integration steps
An account is created in Verifone Central by a Verifone employee.
To integrate verifone.js in your Checkout page, follow these steps:
- Load verifone.js in the <head> of your Checkout page, where the card form is shown.
<script src="https://cst.jsclient.vficloud.net/verifone.js"></script>
Sandbox environment:
- EMEA : https://cst.jsclient.vficloud.net/verifone.js
- US : https://uscst.jsclient.vficloud.net/verifone.js
Production environment:
- EMEA : https://emea.jsclient.verifone.cloud/verifone.js
- US : https://us.jsclient.verifone.cloud/verifone.js
- NZ : https://nz.jsclient.verifone.cloud/verifone.js
2. Define the Secure Card Capture Key.
var encryptionKey = "SecureCardCaptureKey"
3. Collect the card data and place it into a JSON object.
Card schema
Parameter name | Type | Required/Optional | Description |
---|---|---|---|
cardNumber | String | Required | Numeric value with no spaces or separators allowed between the digits |
expiryMonth | String | Required | Numeric value with length 2. e.g., March -> 03 |
expiryYear | String | Required | Numeric value with length 2, e.g., 2028 -> 28 |
cvv | String | Optional | Numeric value with length 3 or 4 |
var card = {
"cardNumber": "4000000000001091",
"expiryMonth": "03",
"expiryYear": "28",
"cvv": "123"
}