Tokenization

How it works

Tokenization refers to a set of API endpoints that allow you to securely process payments without opening the payment UI or involving the user. Key features:

  • obtain the list of saved payment accounts
  • make a payment using a saved payment account
  • delete a payment account

Payment accounts are saved in the following cases:

  • The payment is made via the Pay Station UI. A new saved account is added if the user agrees to saving their payment data when entering it.
  • The Pay Station is opened in the saving payment accounts mode. To enable it, pass the settings.ui.mode parameter when getting the token.

When the payment account is saved, it’s given an ID. Specify this ID in the API request to make a payment without user interaction and opening the payment UI.

Payment methods that support tokenization:

  • Bank cards
  • Amazon Pay
  • Skrill Digital Wallet
  • PayPal
  • Alipay
  • GCash
  • DANA
  • Rabbit LINE pay
  • Touch ’n Go
  • Boost
  • Toss

How to get it

To use tokenization, implement the endpoints for working with saved payment accounts.

Paying with saved payment account

To make a payment with a saved payment account without opening the payment UI, implement the payment in your app in the following way:
  1. Get a list of user’s saved payment accounts.
  2. Charge the user via one of their payment accounts.
  3. Process data received in the Payment webhook and accrue the purchased virtual goods to the user.
Notice
The purchased virtual goods must only be accrued based on data from the Payment webhook.

Displaying saved payment accounts on your side

Using the Get saved accounts request, you can get masked data of user’s saved payment accounts on your order page.

To store masked data of saved payment accounts on your side and keep them up-to-date:

  1. Set up Add payment account webhook. When a user adds a new payment account, you can save it and afterward suggest a user pay with it without opening the payment UI.
  2. Set up Remove payment account webhook.

Note
To set up webhooks for adding and removing a payment account, contact your Customer Success Manager or email to csm@xsolla.com.

Processing UI events on the managing saved payment accounts page

To display information on the managing saved payment accounts page in real time, process the following payment UI events:

  • add_saved_account — successful saving of a payment account.

Format:

Copy
Full screen
Small screen
    command: "add_saved_account"
    data:
    id: 12345678
    name: "1111111111111111"
    payment_method: 0001
    type: "card"
    

    • add_saved_account_error — error occuring while saving a payment account.
    • cancel_save_account — cancellation of the saving of a payment account by a user.

    If the payment UI is opened in an iframe or using the Pay Station Embed script, you will get events from the payment UI via postMessage.

    Was this article helpful?
    Thank you!
    Is there anything we can improve? Message
    We’re sorry to hear that
    Please explain why this article wasn’t helpful to you. Message
    Thank you for your feedback!
    We’ll review your message and use it to help us improve your experience.
    Rate this page
    Rate this page
    Is there anything we can improve?

    Don’t want to answer

    Thank you for your feedback!
    Last updated: October 10, 2023

    Found a typo or other text error? Select the text and press Ctrl+Enter.

    Report a problem
    We always review our content. Your feedback helps us improve it.
    Provide an email so we can follow up
    Thank you for your feedback!