JavaScript Tokenization Introduction

Tokenization is the process of exchanging sensitive account information for a token. PayJunction can collect sensitive card details directly from your customers in a secure manner and return a token representing this information to you for use in payment processing. By tokenizing sensitive data, your liability is reduced and you greatly simplify PCI compliance requirements.

We provide a JavaScript SDK to perform this process in the customer's browser. This ensures that no sensitive card data touches your servers, and allows your integration to operate in a more PCI-compliant way.

General Overview

To process a transaction using tokens, the general workflow is as follows:

  1. Include the PayJunction client-side SDK and publishable key on your webpage.
  2. Create the token information using the PayJunction SDK.
  3. Send the token id to your server.
  4. At this point, you can use the token with the PayJunction API to either:

See the JavaScript Tokenization Examples for code samples.

Tokens

Tokens are short-lived, single-use entities meant to be used immediately.

Tokens expire within 30 minutes and should not be stored. To store card information for later use, create Customer Vault objects.

Publishable Keys

In order to use the SDK and create tokens, you need a Publishable Key. Unlike Application Keys, Publishable Keys are meant to be public and can be safely added to your website. The Publishable Key is unique per merchant, and it's different for Test and Production environments.

To request a publishable key, use the Request Publishable Key form.