Detokenization Configuration

The TokenEx iFrame also allows you to securely display detokenized sensitive data on a web page, while keeping the webserver out of PCI scope. For example, a booking engine could enable their customers to view detokenized data in a web portal. Using the Detokenization iFrame to present detokenized data in a web page allows TokenEx to host the PCI or other sensitive data, while you maintain complete control over the other content on the page.

Generating the Authentication Key for the Detokenization Iframe

In order to generate the Authentication Key for the Detokenization Iframe, you will need to provide an existing token value in place of the tokenScheme required when generating the Authentication Key for the tokenization modes of the iFrame.



The Authentication Key is only valid with a timestamp less than 20 seconds old.

tokenExIdstringYour TokenEx ID
originstringThe fully qualified Origin of your application
timestampstringThe timestamp (UTC) when the hash is generated, in yyyyMMddHHmmss
tokenstringThe existing token to be detokenized
TokenEx ID: 123456789
Timestamp: 20180109161437 (January 9th, 2018 4:14:37 PM UTC, formatted in yyyyMMddHHmmss format)
Token: 5454545454545454
Template: tokenExID|origin|timestamp|token
Concatenated String for generating HMAC: 123456789||20180109161437|5454545454545454

Detokenize Iframe Configuration Object

tokenExIDstringtrueYour TokenEx ID
authenticationKeystringtrueThe generated Authentication Key (see Generating the Authentication Key).
timestampstringtrueThe timestamp when the authentication key was generated, in yyyyMMddHHmmss

NOTE: This value must match the one provided when generating your Authentication Key.
originstringtrueThe fully qualified Origin of your application
tokenstringtrueThe token to be detokenized
cvvboolfalseMust be set to true to enable this mode
cvvOnlyboolfalseMust be set to true to enable this mode
cvvContainerIDstringfalseContainerID in which you'd like the CVV to appear
stylesobjectfalseOptionally sets the placeholder attribute of the input
fontstringfalseA google font to use in the iframe
titlestringfalseContent of the title element used by the iframe document
expiresInSecondsintfalseSets the expiration time for the IFrame. Default is 20 seconds, Maximum is 60 seconds.
enablePrettyFormatboolfalseEnabling this property will auto format the credit card number as it appears on the physical card

Using the Detokenize Iframe

//create the config object
var iframeConfig = {
    origin: "",
    timestamp: "20200109161437",
    tokenExID: "123456789",
    authenticationKey: "QmFzZTY0KEhNQRNTSEEyNTYoIlRva2VuRXhJRHxPcmlnaW58VGltZXN0YW1wfFRva2VuU2NoZW1lKSk=",
    token: "5454545454545454"

//create a new instance of the detokenize iframe, and add the container ID and config object
var iframe = new TokenEx.DetokenizeIframe("tokenExIframeDiv", iframeConfig);

//calling the iframe's load function adds the iframe to the DOM.