The Exact Payments Gateway supports internal tokenization services where a merchant can submit credit/debit card numbers and have an algorithmically generated token (called 'Tags') returned. The returned token (Tag) can be stored in the merchant system and used for processing all future transactions including: pre-authorization, purchase, void, refund and capture/settlement.
Tokenization is strongly recommended. Eliminating credit and debit card numbers from passing through or being stored in your internal systems is a best practice for data security and PCI compliance requirements.
Step 1: Use Hosted Payment Page for credit card submission
Build a Hosted Payment Page and use a $0 pre-authorization request with CVV for transactions with a new customer, or new credit/debit card presented by an existing customer.
Step 2: Use Reporting API to retrieve Token
Retrieve the Exact Token using our GET /payments API endpoint. The new Token value is returned in API response field payment_id.
Token values can be securely stored for future transactions.
Further information is found in our Developer Guide, here: https://developer.exactpay.com/docs/payment-page-technical-integration