PCI Proxy
Features
Pricing
Blog
Getting Started
Setup
Collect & store cards
Filter (payloads)
Capture (iframes)
Initialization and Styling
Events
Token API
Vault (alias gateway)
Use stored cards
Resources
Test card data
Guides
Booking.com IP Whitelist
Have a Question?
FAQ
Contact us
Powered by GitBook
Have an account? Sign in

Capture (iframes)

Last updated last month
Edit on GitHub

Secure Fields allow you to securely collect card data by injecting iframes to your DOM. A separate iframe for both, card number and CVV code is used. Thereby, sensitive data never touches your server and allows you to capture all other related card data such as cardholder name, expiry date, etc. directly by yourself.

Using Secure Fields qualifies you for SAQ A.

Browser compatibility for Secure Fields:

Browser

Version

Chrome | Chrome Mobile

>=28 | >=28

Firefox | Firefox Mobile

>=31 | >=31

Internet Explorer | Internet Explorer Mobile

>=9 | >= 9

Safari | Safari Mobile

>=6 | >=6

Opera | Opera Mobile

>=24 | >=22

Blackberry Browser

>=8

Android Browser

>=4

1. Setup Secure Fields

To get started include the following script on your page.

Inline Mode Script
Minified Version
<script src="https://pay.sandbox.datatrans.com/upp/payment/js/secure-fields-1.0.0.js"></script>

Please make sure to always load it directly from https://pay.sandbox.datatrans.com​

2. Create payment form

In order for Secure Fields to insert card number and CVV iframes at the right place, create empty DOM elements and assign them unique IDs. In the example below those are:

  • card-number-placeholder

  • cvv-placeholder

<form>
    <div>
        <div>
            <label for="card-number-placeholder">Card Number</label>
            <!-- card number container -->
            <div id="card-number-placeholder" style="width: 250px;"></div>
        </div>
        <div>
            <label for="cvv-placeholder">Cvv</label>
            <!-- cvv container -->
            <div id="cvv-placeholder" style="width: 90px;"></div>
        </div>
​
        <button type="button" id="go">Get Token!</button>
    </div>
</form>

In test mode, only test credit cards are allowed.

3. Retrieve a Transaction ID

Start with creating a new Secure Fields instance:

var secureFields = new SecureFields();
​
// Multiple instances might be created and used independently:
// e.g. var secureFields2 = new SecureFields();

Initialize it with your merchantId and specify which DOM element containers should be used to inject the iframes:

secureFields.initTokenize( "1100007006", {
  cardNumber: "card-number-placeholder", 
  cvv: "cvv-placeholder"                
});

Afterwards submit the form and listen for the success event:

$(function() {
  $("#go").click( function() {
    secureFields.submit(); // submit the "form"
  })
});
​
secureFields.on("success", function(data) {
  if(data.transactionId) {
    // transmit data.transactionId and the rest
    // of the form to your server    
  }
});

Instances can be destroyed if no longer used:

secureFields.destroy();

4. Obtain tokens

Once you've transmitted the transactionId to your server (together with the the rest of your form) you can execute a server to server GET Token request to get tokens for card number and CVV code:

Example: Request
Response
curl https://api.sandbox.datatrans.com/upp/services/v1/inline/token?transactionId=180416140429310027 
    -u 'merchantId:password'

Please refer to Token API to see how to get the password.

Examples

PCI Proxy Secure Fields Example

Advanced example with card detection

GitHub repository: https://github.com/datatrans/secure-fields-sample Demo: https://datatrans.github.io/secure-fields-sample/​

In test mode, only test credit cards are allowed.

Please also have a look at Styling, Events and Token API references.

Next up

​

Previous
Filter (payloads)
Next
Initialization and Styling
Contents
1. Setup Secure Fields2. Create payment form3. Retrieve a Transaction ID4. Obtain tokensExamplesAdvanced example with card detectionNext up