Introduction

With our Payrails PCI-DSS Level 1 compliant vault, you can tokenize your customers' payment information and minimize your PCI scope.

There are many benefits of tokenizing payment data, for example:

  • Your customers can use stored payment methods for a smoother checkout experience
  • Tokenized payment methods can be used for subscription or recurring payment scenarios
  • You can enable users to manage their saved cards and have control over their sensitive information

Tokenization refers to the process of collecting sensitive payment information and returning a short-term, single-use token that represents this information. When you tokenize with Payrails, we handle the sensitive payment information, so responsibility for PCI compliance remains with us.

You can tokenize a user’s payment information in Payrails’ vault to create a payment instrument. We return to you the payment instrument ID, which you can then use to manage and delete instruments. See our guide to Manage instruments.

After a user’s payment information is tokenized with Payrails, we handle the complexity of using this information to make payments across different providers, so you only need to store a single Payrails token to process future payments.

Tokenization with SDK and secure fields

Payrails offers an SDK with native mobile and JavaScript versions, which you can easily include in your applications to let us handle the sensitive data for you, all while letting you customize the UI down to the last pixel.

For more details about implementing our SDKs, see our guides here.

To obtain the card data from customers, we use the secure fields in our client-side SDK to securely transfer the data from the customer's device directly into our Vault, without exposing your frontend or backend infrastructure to sensitive data.

Our SDK then returns the ID of the tokenized card, which you can store and use for later payments or other use cases.