Разработчик

Ключове за поръчки и ключове за касиери

Cardflo използва Checkout Keys (ключове за поръчки) и Cashier Keys (ключове за касиери), за да предостави сигурни и гъвкави опции за интеграция за търговците. Checkout Keys управляват инициирането на платежна сесия и събирането на данни за клиенти, докато Cashier Keys улесняват сървърната обработка на транзакции.

Това разделение осигурява съответствие с PCI и надеждна сигурност за всички платежни потоци.

Категория
Разработчик
Възможности
10
Налично на
Всички планове
Кандидатствайте сега

Общ преглед

The separation of credentials into checkout keys and cashier keys represents a foundational security architecture in modern payment orchestration. Checkout keys are public-facing identifiers used within client-side environments, such as web browsers or mobile applications, to initialise payment components and collect sensitive cardholder data.

These keys allow a merchant to render a checkout interface without exposing sensitive backend permissions. Conversely, cashier keys are restricted, server-side credentials designed for authenticated communication between a merchant server and the payment gateway.

By bifurcating these roles, the system ensures that a compromise of the client-side code does not grant an attacker the ability to perform administrative actions, such as initiating refunds or capturing authorised payments.

This architectural approach assists in maintaining PCI DSS compliance by minimising the scope of systems that interact directly with raw payment credentials while allowing for a programmable, granular control over transaction lifecycles.

Как работи

  1. Client-side session initiation

    The integration begins with the checkout key being utilised within the frontend application to request a secure session.

    This key identifies the merchant identity (MID) and authorises the rendering of secure payment elements, ensuring that customer card details are tokenised before they ever reach the merchant infrastructure.

  2. Secure data tokenisation

    As the customer enters their payment details, the checkout key facilitates a direct connection to the vault. Sensitve fields like the PAN and CVV are converted into temporary tokens.

    This process ensures that the merchant environment remains outside the primary scope of PCI DSS requirements.

  3. Server-to-server authorisation

    Once a token is generated, the merchant server uses its cashier key to request a formal authorisation from the acquirer. This private key confirms the request is legitimate and allows the gateway to map the temporary token back to the stored payment data for processing.

  4. Transaction lifecycle management

    Post-authorisation actions, including capture, settlement, and refunds, are exclusively handled via the cashier key. Because these actions involve the movement of funds, they require the higher level of authentication and restricted access that the server-side cashier key provides to the merchant administrator.

Защо е важно

Risk and liability mitigation

Dividing credentials reduces the blast radius of a potential security breach. If a checkout key is intercepted from a website source code, the attacker cannot use it to withdraw funds or access historical transaction records.

The cashier key remains protected on a secure backend, ensuring that only authorised server environments can execute financial movements, which is a critical defence against common injection attacks.

Simplified PCI DSS compliance

By utilising checkout keys to handle cardholder data via hosted fields or components, merchants typically qualify for a reduced compliance burden, such as SAQ A or SAQ A-EP.

The cashier key ensures that sensitive data is handled in a tokenised format on the backend, removing the need for the merchant to store, process, or transmit raw credit card information on their own servers.

Приложения

E-commerce web applications

Merchants use checkout keys to embed secure payment forms directly into their websites, while the cashier key is stored in their backend environment to finalise the capture of funds once the order is confirmed.

Native mobile apps

Mobile developers use checkout keys within iOS or Android apps to securely gather payment signatures, relying on server-side cashier keys to manage the complex logic of multi-currency settlement and recurring billing.

Subscription and recurring billing

After the initial checkout key collects the card details, the cashier key is used to establish a merchant-initiated transaction (MIT) framework, allowing for automated renewals without further customer intervention.

В числа

90%
PCI Scope Reduction

Industry standards suggest that offloading data capture to hosted components via client-side keys can reduce the number of applicable PCI requirements by over 90 percent.

<2 days
Integration Time

Standardised key-based architectures typically allow developers to implement a basic secure checkout flow within approximately two working days of development time.

100%
Secured Transactions

Professional payment gateways require 100 percent of server-side requests to be authenticated via a private key to ensure the integrity of the transaction lifecycle.

Ready to route with Ключове за поръчки и ключове за касиери?

Talk to our team about a live rollout on your acquiring stack.

Кандидатствайте сега

What you get with Ключове за поръчки и ключове за касиери

  • Сигурно инициирайте платежни сесии с Checkout Keys
  • Обработвайте сървърни транзакции с помощта на Cashier Keys
  • Поддържайте PCI съответствие чрез изолиране на чувствителни данни
  • Интегрирайте с различни потребителски и бекенд рамки
  • Контролирайте нивата на достъп за различни интеграционни точки
  • Подобрете сигурността за обработката на платежни данни на клиенти
  • Reduce the probability of fraudulent fund transfers via compromised client-side code
  • Facilitate secure tokenisation of cardholder details at the point of initial entry
  • Enable merchant-initiated transactions for subscription models using secure backend authentication
  • Provide clear audit trails for both client-side sessions and server-side management actions
See Ключове за поръчки и ключове за касиери on your acquiring stack.

A short scoping call, then a written plan for your MIDs.

Кандидатствайте сега

Questions about Ключове за поръчки и ключове за касиери

Каква е разликата между Checkout Key и Cashier Key?

Checkout Key се използва от потребителската страна за иницииране на платежна сесия и сигурно събиране на клиентски платежни данни.

Cashier Key се използва от вашата сървърна страна за финализиране на транзакцията, изпращане на заявки за плащане и управление на възстановяванията, като гарантира, че чувствителните операции остават под сървърно управление.

Как тези ключове допринасят за PCI съответствието?

Чрез разделянето на ключовете, Cardflo помага на търговците да поддържат PCI съответствие.

Checkout Keys обработват събирането на клиентски данни по сигурен, токенизиран начин, докато Cashier Keys, използвани от сървърна страна, предотвратяват директния достъп на чувствителни данни за карти до вашите сървъри, намалявайки обхвата на вашия PCI.

Мога ли да използвам както Checkout, така и Cashier Keys в моята интеграция?

Да, използването както на Checkout, така и на Cashier Keys е препоръчителният и най-сигурен подход за интеграция за Cardflo. Тази комбинация предоставя надеждна рамка за обработка както на потребителски взаимодействия, така и на сървърна обработка на транзакции, оптимизирайки сигурността и функционалността.

How should cashier keys be stored within a merchant's infrastructure?

Cashier keys must be treated as highly sensitive credentials. They should never be hard-coded into source files or stored in version control systems like Git.

Instead, they should be managed using environment variables or a dedicated secret management service. Access to these keys should be restricted to the specific server instances that require them to communicate with the payment processor for transaction finalisation and reporting.

What happens if a checkout key is leaked or compromised?

If a checkout key is compromised, the impact is generally low compared to a secret key leak.

An attacker could potentially use the key to submit junk data or attempt to create tokens through the merchant's MID, but they cannot access existing customer data or funds.

However, it is still standard practice to rotate the leaked checkout key to prevent any unauthorised use of the merchant's frontend assets and to maintain clean transaction logs.

Do cashier keys support different levels of permission based on the user?

While the cashier key itself represents a high-level server credential, industry-standard gateways often allow for the creation of multiple keys with various scopes.

For example, one cashier key might be restricted to read-only access for reporting, while another might have the authority to process captures and refunds.

This follows the principle of least privilege, ensuring each part of a merchant's backend system only has the permissions it needs to function.

Започнете

Готови ли сте за скорост?

Разкажете ни за вашия бизнес. Ние ще ви свържем с правилните банки акцептанти и правилния маршрут, обикновено в рамките на една седмица.

Кандидатствайте сега
Кандидатствайте сега