How to Obtain a Token from SAP

This topic discusses how tokens are generated and retrieved with either a direct integration to the XiSecure On-Demand service or via one of the Data Intercept solutions.

No Data Intercept

Direct XiSecure Integration

The credit card number is entered on a standard SAP screen (for example in the sales order creation process on the header of the order on the Payment Cards tab) and it gets immediately captured and sent to XiSecure On-Demand to retrieve a token (a pre-existing token if the card was already tokenized or a new token if the card is being entered for the first time).

On any SAP screen where the credit card number is open for entry, if a raw card number is entered, it will be immediately tokenized. The detailed steps and examples are detailed in No Data Intercept.

Data Intercept Standalone

Intercept SA Solution

By using the XiSecure tokenization solution, merchants benefit by outsourcing storage of card information to a location outside the merchant system. However, it still leaves the action entering raw card information in the merchant's SAP system, and therefore, the SAP system could still be in scope for a PCI audit.

The Intercept-SA solution (used without any integration within SAP) provides a mechanism to create tokens by entering raw card numbers outside the merchant's SAP system in a website completely hosted by Paymetric.

When a merchant's Customer Service Representative is using a raw card number for the first time, they can launch a Paymetric supplied URL for Intercept-SA. When the user launches this URL, it will request a user ID and password (established by the Intercept-SA Administrator defined by the merchant). Upon entering the user ID and password, the Intercept-SA tokenization URL is launched where the card type and the raw card number can be entered to generate a token. The detailed steps for this process are described in Using Intercept Standalone Solution.

Data Intercept for SAP

Intercept SAP solution

With this option, the merchant benefits from the XiSecure tokenization service with full integration to the Paymetric hosted website. The Data Intercept solution is integrated with SAP so that to enter the raw card number for the first time in the SAP system, the Customer Service Representative launches the Intercept-SAP GUI directly from SAP using the F4 key or clicking the Matchcode search icon for the field.

The Intercept-SAP GUI is hosted completely outside the merchant's SAP system. If you are using Intercept-SAP version 1, a Paymetric supplied user name and password are required to login into the Intercept-SAP GUI. For Intercept-SAP version 2 users, no login credentials are required.

Version 1 users, refer to Intercept SAP No SSO - Version 1 for more details.

Version 2 users, refer to Using Intercept for SAP Solution for details on this process.