Secure Payments API – Payment Profiles
To process any payments with Secure Payments, you need to add some credit cards and/or checking accounts to your Secure Payments account.
Since credit card information is highly sensitive and subject to PCI compliance, an HTML iframe is provided. When integrating with Secure Payments, it’s crucial that credit cards are added to your profile through the iframe only; otherwise, your software will be subject to PCI compliance requirements and potential fines for non-compliance.
When payment profile information is added to Secure Payments, it's tokenized to ensure security. The information is never returned to you in any way—even if it's encrypted. Tokens are not saved in Secure Payments, and there’s no way to retrieve them if lost.
When a credit card is saved in Secure Payments, a corresponding token is generated and returned to you (see Creating a Credit Card). This token represents your credit card stored in Secure Payments, and it's safe to save it within your own application. Endpoints to process a payment with a credit card will require you to send the corresponding credit card token.
Like we mentioned above, if a token is lost, it cannot be retrieved from Secure Payments, as they are never saved on our side. After a period of inactivity, the corresponding credit card information will be deleted automatically.
Listed below are links to Secure Payments API documentation regarding payment profiles: