To avoid tons of pci "fun" it seems tokenizing is the way to go for a website. I am aware of the standard and that it's used for mobile often, but on the fly restricted tokens are possible too from what I see.
Are there any card processors that host iframes that generate tokens? This way I could use that service, and only handle a token, which I could pass along to third parties requiring credit cards.
If not I suppose I could develop my own token generator, and keep that isolated in a tiny pci scope.
Hi - thanks for your post. I think that it should be possible to find what you're looking for via a third party payment processor, or CyberSource. Have you checked with local payment processors? Could you provide more details on your region, and detailed use case? If you don't want to post on public forum, you can send me this information at firstname.lastname@example.org.