In general, either you start a request (PULL) or a **remote server starts a request **(PUSH). Depending on where to find sensitive data (request/response), PCI Proxy extracts or populates sensitive data on the fly.
Receive from Channel
Receiving card data from a remote server (Channel) can work in two ways. In general, either you perform a /v1/pull/ request to receive card data from the Channel or the Channel starts a /v1/push/ request with card data. PCI Proxy can tokenize and store sensitive data on both operations.
PCI Proxy forwards request with tokens to your API endpoint (you are out of PCI scope).
Forward to Receiver
Forwarding card data to a remote server (Receiver) can work in two ways. In general, either you perform a /v1/pull/ request to forward card data to a Receiver or the Receiver starts a /v1/push/ request to ask for card data. PCI Proxy can populate sensitive data on both operations.
PULL without PCI Proxy
PULL via PCI Proxy
PUSH without PCI Proxy
PUSH via PCI Proxy
You start request with card data to Receiver API endpoint.