Integrations without the hassle
Connect PCI Proxy to the schemes, gateways and PSPs you already use. You integrate via API, SDK or hosted fields: we tokenise card data and you work only with tokens.
Card fields in our iFrame
Card data stays off your site. You qualify for SAQ A.
One HTTP call
You send card data once. We reply with a token.
Five native SDKs
await pciProxy.tokenize({ … }) A few lines in your app. We handle vault and retries.
Real-time events
We ping your server when a token is created or used.
Supported schemes
We tokenise card data from Visa, Mastercard, Amex and other schemes. The token shows the last digits useful in your UI: the full number stays in our vault.
Visa
Credit & Debit
Mastercard
Credit & Debit
American Express
Charge & Credit
Diners Club
International
JCB
Asia-Pacific
UnionPay
Global Network
Gateway integration
We sit between your app and your payment gateway. We tokenise card data before it reaches your servers: the gateway you already use can stay as it is.
Proxy in the middle of requests
We intercept API calls, find card numbers and replace them with tokens before the request reaches your backend.
Switch PSP whenever you want
Tokens stay in our vault, not in the gateway. If you change provider you don't need to ask customers for card data again.
Ready-made gateway profiles
We've already configured dozens of gateways: fields, authentication and endpoints. You usually go live in hours, not weeks.
Compatible Gateways
Ready PSP connectors
Connectors ready for leading PSPs in Europe and worldwide. We handle authentication, field mapping and error messages: you make a single API call.
Adyen
EnterprisePayments, tokens and recurring billing with Adyen, including 3DS2.
RoxPay
EU NativeNative European PSP: tokens, recurring payments and BNPL on a single PCI DSS Level 1 platform.
Worldline
GlobalWorldline gateway: stored payments, recurring billing and tokens already mapped.
Planet
EU ReadyPlanet for payments in Europe: tokens, recurring billing and webhooks pre-configured.
CRM and ERP
In your CRM and ERP you store tokens, not card data. That way you don't expand PCI scope across your business systems.
Salesforce
CRMStore tokens as fields on Account, Contact or Opportunity. For a payment use Flow or Apex: Salesforce never sees card data.
SAP
ERPIntegration with SAP S/4HANA and Commerce Cloud via API or middleware. Tokens go into financial modules, not card numbers.
Oracle
ERP / CloudOracle Integration Cloud or direct APIs. Tokens flow into Payments, Subscriptions and Hospitality without card data in your systems.
REST API and SDK
Versioned APIs, SDKs in five languages and webhooks to know in real time when a token is created.
API versions
Every endpoint has its version (/v1/). Older versions stay active for at least 24 months. We notify you before deprecating them.
Secure access
API key for server calls or OAuth 2.0 for enterprise environments. You can rotate credentials and scope them per operation.
Rate limits
1,000 requests per minute per key (2,000 burst). Custom limits on Enterprise plans. Every response includes X-RateLimit-* headers.
Available SDKs
SDKs for JS, Python, PHP, Java, .NET. Typed models, automatic retry and idempotency included.
your-server.com/webhooks/pci {
"event": "token.created",
"timestamp": "2026-04-03T10:15:30Z",
"data": {
"token": "tok_pci_eu_a1b2c3d4e5f6",
"last_four": "1111",
"brand": "visa",
"merchant_id": "mrc_xyz789"
},
"signature": "sha256=4a8b9c..."
} // Initialise the PCI Proxy SDK
const pciProxy = new PCIProxyClient({
apiKey: 'sk_live_...',
region: 'eu'
});
// Tokenise and forward in a single call
const result = await pciProxy.forward({
token: "tok_pci_eu_a1b2...",
gateway: "stripe",
amount: 4999,
currency: "EUR"
}); Hosted fields and iFrame
Card fields run in PCI-certified iFrames. Card data never passes through your page's JavaScript or your servers.
Less PCI burden
We serve the fields from a PCI DSS Level 1 environment. You qualify for SAQ A: the lightest questionnaire, with around 22 controls.
Your checkout styling
Fonts, colours, borders and error messages configured via CSS API. Fields look like part of your site.
Works on mobile
Responsive layout, automatic numeric keyboard and autofill support on any screen.
Payment Details
Card data protected by PCI Proxy EU. Never reaches your server.
{
"token": "tok_pci_eu_a1b2c3d4e5f6",
"last_four": "1111",
"brand": "visa" // card number never exposed
} Ready to integrate?
Read how it works, explore tokenisation or get in touch: we'll help you connect your stack in a few days.