Debit Card Tokenization

Tokenizing Debit Cards for Push-to-Card Payouts

If you’re implementing push-to-card payouts, you must tokenize the withdrawer’s debit card to remain fully PCI compliant. Coinflow provides multiple ways to tokenize debit cards specifically for push-to-card payouts, depending on your platform and PCI compliance status.

The below only applies to debit card tokenization for push to card payouts. Merchants seeking to tokenize debit cards for payments-in should reference Implement Credit Card / Debit Card Checkout.

Debit Card Tokenization Options

Use Coinflow SDKs with CoinflowCardOnlyInput

Merchants with a web app can use the CoinflowCardOnlyInput component to securely collect debit card details and tokenize them for use in push-to-card payouts. Follow this guide: Tokenize Debit Cards for Withdraws.

CoinflowCardOnlyInput is available in all supported SDKs: React, Vue, Angular, and React Native.

Tokenize Debit Cards via API

Debit Card Tokenization for Mobile Apps

Merchants with mobile apps can tokenize cards server-to-server without needing to show PCI compliance. Follow the guide: Debit Card Tokenization for Mobile Apps (Push to Card Only)

Debit Card Tokenization for Web Apps

To tokenize debit cards server-to-server for web applications, your business must demonstrate proof of PCI DSS compliance. Follow the guide: Tokenize Card Data via API for Debit Card Payouts to learn how to implement this. In order to receive a tx-apikey merchants must provide proof of an Attestation of Compliance (AOC).

Examples of AOC

• See example AOC for merchants

• See example AOC for service providers implementing on behalf of a Merchant

AOCs must be reviewed and approved by a Qualified Security Assessor (QSA) if you’re implementing as a service provider.