-
Getting started
keyboard_arrow_down
Connect to the CCV Platform
Integrate our products into your software. Let's make payment happen together!
Look at all the possibilities
Integrate our products into your software. Let's make payment happen together!
Look at all the possibilitiesA token is a unique and one-way generated hash of PAN or IBAN. It can be used to identify a card or bank account without the need to store the sensitive PAN or IBAN data in your system.
CCV Terminals are also able to calculate the PAN token which makes it possible to use a token generated upfront via the PSP API in a card-present environment. This is especially useful for parking entry and exit scenarios where the token can be used to identify the card during exit and link it to the entry transaction.
Note: if you call the token resource in operating mode TEST, you will not get a real token. The simulated token contains the reversed pan with a prefix and should not be used to store in a production system.
The general flow is:
payUrlreturnUrlWe do not expose the token to the customer. It is up to you to verify the status of the token request and act accordingly. Webhooks are provided to give you feedback, but this principle remains.
Two types of token are supported, being card tokens and web tokens.
A card token is a token calculated from the complete PAN of a credit or debit
card. This token will always consist of the prefix 99 followed by 16
characters given a token of 18 characters long.
Example 991234567890123456
A web token is calculated on (part of) the IBAN of a debit card.
Reason for this addition to the Token Service Provider is that there are
countries where the banks do no print the PAN on their debit cards.
Examples are the Netherlands and Germany.
For the Netherlands the IBAN is as follows
Example NL91ABNA0417164300
NL)91)ABNA)0417164300)The NL Web Token is calculated using the 10 char account number and is prefixed
with 96.
Note: The banks BUNQ and KNAB are not supported in the TSP. Example 961234567890123456
For Germany the IBAN is as follows
Example DE89370400440532013000
DE)89)37040044)0532013000)The bank code needs to be converted to the institute number using the table from
the Bundesbank Germany.
The DE Web Token is calculated using the institute number and the account number
and is always prefixed with 95.
For other countries there is no support for token calculation based on IBAN.
Go to OpenAPI Token API
Normally, the payUrl is used to obtain the token data from the customer.
Or token data is directly supplied via
token data in the request.
Alternatively, the customer can submit the card data from a mobile app or
browser to the cardDataUrl without requiring authentication.
However, PCI compliance may be required:
cardDataUrl to submit the card data directly to the PSP.cardDataUrl to submit the data to the PSP.The API is the same in both cases, but the integrator should be aware of the PCI implications of the chosen flow.
cardDataUrl e.g. https://onlinepayments.ccv.eu/token/carddata/embedded?reference=YOUR_REFERENCE_HEREPOSTapplication/json| Name | Required | Description |
|---|---|---|
| pan | Yes | The primary account number. All spaces and dashes are removed |
Example
{
"pan": "67032222222222227"
}
Token data response:
200