Skip to main content

Save Card

The Save Card service allows customers to securely store their payment card information for future transactions, creating a seamless and convenient checkout experience. When customers opt to save their card details, Amazon Payment Services generates a permanent, customer-specific token that can be used for subsequent purchases, subscriptions, or recurring payments without requiring customers to re-enter their card information.

How Save Card Works

The save card process follows these steps:

1

Customer Opt-in

Customer selects the "Remember Me" or save card option during checkout.

2

Payment Processing

Customer completes the payment transaction successfully.

3

Token Generation

Amazon Payment Services generates a permanent, secure token for the card.

4

Future Payments

Customer can use saved card for future transactions with just CVV entry.

Key Features

  • Secure tokenization - Card data encrypted and stored in PCI DSS compliant environment
  • Customer convenience - One-click payments with just CVV entry
  • Cross-platform support - Available across all integration methods
  • Token management - Update, activate, or deactivate saved cards
  • Customer control - Customers can manage their saved cards
  • Compliance ready - Meets all regulatory requirements for card storage

All saved card data is encrypted and stored in compliance with PCI DSS standards, ensuring maximum security for your customers' payment information. Card tokens are customer-specific and cannot be used across different merchant accounts.

Integration Methods

Choose the integration method that best fits your business needs and technical requirements:

Through Hosted Checkout

With Hosted Checkout, the save card functionality is automatically available when tokenization is enabled in your account settings. No additional implementation steps are required.

How It Works

When customers reach the hosted checkout page, they will see a "Remember Me" checkbox. If the customer selects this option and completes a successful payment, a permanent token is automatically generated and returned in the payment response.

Using Saved Cards

When a customer saves their card, you'll receive a token_name in the payment response. Store this token securely and link it to the customer's account. For future payments, simply include the token_name in your payment request - customers only need to enter their CVV.

Through Custom Integration

Custom Integration follows the standard Custom Integration flow with additional save card functionality. You need to implement a custom "Remember Me" checkbox in your payment form and include the remember_me parameter only when the customer selects it.

Prerequisites

  1. Enable Save Card Service - Contact merchantsupport-ps@amazon.com to enable save card functionality
  2. Custom UI Implementation - Add a "Remember Me" checkbox to your payment form
  3. Standard Custom Integration - Follow the standard Custom Integration setup

Implementation Steps

1

Implement Custom Remember Me Checkbox

Add a "Remember Me" checkbox to your payment form. Include the remember_me parameter in your payment request only when the customer selects this option:

{
"command": "PURCHASE",
"access_code": "your_access_code",
"merchant_identifier": "your_merchant_id",
"merchant_reference": "ORD-12345-2024",
"amount": "2000",
"currency": "AED",
"customer_email": "customer@example.com",
"card_number": "4005550000000001",
"expiry_date": "2105",
"card_security_code": "123",
"card_holder_name": "John Smith",
"remember_me": "YES",
"signature": "calculated_signature"
}

Store the token_name in your database linked to the customer's account for future transactions.

3

Using Saved Cards

For future payments, use the stored token_name instead of card details:

{
"command": "PURCHASE",
"access_code": "your_access_code",
"merchant_identifier": "your_merchant_id",
"merchant_reference": "ORD-67890-2024",
"amount": "1500",
"currency": "AED",
"token_name": "Op9Vmp",
"card_security_code": "123",
"signature": "calculated_signature"
}

The customer must still provide their CVV for security purposes, even when using a saved card.

Through Mobile Integration

Mobile Integration follows the standard Mobile Integration flow with automatic save card support. No additional implementation steps are required - customers simply select "Remember Me" during the payment process.

Prerequisites

How It Works

When customers use your mobile app for payments, they will see a "Remember Me" option during the payment process. If the customer selects this option and completes a successful payment, a permanent token is automatically generated and returned in the payment response.

Using Saved Cards

When a customer saves their card, you'll receive a token_name in the payment response. Store this token securely and link it to the customer's account. For future payments, simply use the saved token - customers only need to enter their CVV. :

With Payment Links, the save card functionality is automatically available when tokenization is enabled in your account settings. No additional implementation steps are required.

How It Works

When customers access the payment link, they will see a "Remember Me" checkbox. If the customer selects this option and completes a successful payment, a permanent token is automatically generated and returned in the payment response.

Managing Saved Cards

The Update Token Service allows merchants to manage customer saved cards by updating token details, changing token status, or modifying card information. This service provides complete control over saved card tokens, enabling you to activate, deactivate, update, or rename tokens as needed.

API Endpoints

https://sbpaymentservices.PayFort.com/FortAPI/paymentApi
1

Request Sample

Basic Update Token Request
{
"service_command": "UPDATE_TOKEN",
"access_code": "zx0IPmPy5jp1vAz",
"merchant_identifier": "CycHZxVj",
"merchant_reference": "UPD_12345_2024",
"language": "en",
"token_name": "existing_token_name",
"signature": "calculated_signature"
}
2

Common Operations

Change the status of a saved card token:

Token Status Update
{
"service_command": "UPDATE_TOKEN",
"access_code": "zx0IPmPy5jp1vAz",
"merchant_identifier": "CycHZxVj",
"merchant_reference": "UPD_001_2024",
"language": "en",
"token_name": "customer_token_123",
"token_status": "INACTIVE",
"signature": "calculated_signature"
}

Available Status Values:

  • ACTIVE - Token can be used for payments
  • INACTIVE - Token is disabled and cannot be used
3

Response Sample

Success Response
{
"service_command": "UPDATE_TOKEN",
"access_code": "zx0IPmPy5jp1vAz",
"merchant_identifier": "CycHZxVj",
"merchant_reference": "UPD_001_2024",
"language": "en",
"token_name": "customer_token_123",
"response_message": "Success",
"response_code": "18000",
"status": "18",
"signature": "calculated_signature"
}

Token Types Comparison

Understanding the different types of tokens available in Amazon Payment Services:

AspectTemporary TokenPermanent Token
How to receiveReceived in Tokenization API responseReceived in Operation/Create Token API response
Lifetime15 minutesPermanent until deactivated
PurposeProcess immediate Operation API requestsProcess Recurring/Saved card payments
Use CaseSingle-use payment processingLong-term card storage

Token Sharing Feature

Amazon Payment Services offers a token sharing feature that enables merchants with multiple accounts to streamline their token management across different business units or subsidiaries.

How Token Sharing Works

Main Account Token Creation

  • Designate one account as your main account for token creation
  • Tokens created in the main account can be shared and used across multiple sub-accounts
  • This allows centralized token management while maintaining separate business operations

Sub-Account Token Usage

  • Multiple sub-accounts can utilize tokens created in the main account
  • Sub-accounts can process payments using shared tokens without needing to create new ones
  • This reduces customer friction by maintaining saved card data across different merchant entities

Cross-Account Token Restrictions

  • Tokens created in any account other than the main account remain isolated to that specific account
  • These tokens cannot be shared or used by any other accounts, including the main account
  • Each non-main account operates with its own isolated token ecosystem

To activate this feature, contact merchantsupport-ps@amazon.com to configure your main account and sub-accounts. Proper account hierarchy setup is required before token sharing can be enabled.

Go Live

Test your save card integration using our test card numbers and make sure to visit our go-live checklist to go live with your integration.

Support

Need assistance with save card implementation? Contact our technical support team at merchantsupport-ps@amazon.com.

Was this page helpful?

Thanks for your feedback!