Bank of America Gateway Secure Acceptance Payment Tokens
Description
What's in this article?
The Secure Acceptance integration methods for the Bank of America Gateway, that is the Hosted Payments Page (HPP) and Checkout API, use two types of tokens.
Payment tokens
Payment tokens represent the customer token in the Token Management Service (TMS). They are unique identifiers for sensitive customer and payment data that cannot be mathematically reversed. The payment token replaces the payment card, and optionally the associated billing and shipping information. No sensitive card information is stored, thereby reducing Payment Card Industry Data Security Standard (PCI DSS) obligations.
In the Secure Acceptance API, the payment_token field identifies the TMS customer token.
Instrument identifier tokens
Instrument identifier tokens represent a payment card number or bank account number. The same card number or bank account number sent in multiple token creation calls results in the same payment token being returned.
When using Secure Acceptance with tokens that represent only the card number or bank account, associated data such as expiration dates and billing address data must be included in the transaction request.