Overview
The TokenPaymentRequest allows merchants to process payments using a token received from a third-party encryption or wallet service, such as Visa Checkout (VCO) or other supported providers.
This approach enables secure, low-friction checkouts, especially in mobile or embedded flows where card details are handled by a secure, trusted third party. The merchant never handles raw card data — only the encrypted token is sent to PayGate for processing.
PayGate handles the decryption, authentication, and authorisation of the tokenised transaction, and returns a full response including TransactionId, ResultCode, and TransactionStatusDescription.
When to Use This Request
Use TokenPaymentRequest when:
-
The card details have already been securely tokenised by a third-party payment service (like Visa Checkout)
-
You want to bypass direct card entry on your platform
-
You're building a wallet-based checkout flow or mobile integration
-
You require PCI DSS scope reduction
What You’ll Need
To initiate a successful request, you’ll need:
-
A valid
Token(provided by the external wallet/encryption service) -
A
TokenDetailto indicate the source (e.g.VCOfor Visa Checkout) -
The usual transaction details (amount, order ID, etc.)
The token must be used shortly after it's issued. Tokens typically expire after a short duration.
Example Providers
| Provider | TokenDetail |
|---|---|
| Visa Checkout | VCO |
| Masterpass | MPC |
| [Custom Provider] | Varies |
PayGate will advise you if additional customer details must be passed through in the request.
Runtime endpoint: POST https://secure.paygate.co.za/payhost/process.trans