After going through a difficult PCI certification we wanted to help other Finastra products and potentially our customers or partners not have to go through the same troubles and costs.
What it does
Securely store cardholder data and provide the integrating system with a card-like token. User interface allowing the secure collection of cardholder data. No or minimal integration effort with inline interception preventing the distribution of card numbers API to tokenize card and process a card payment
How I built it
Using node.js we created several micro-services that expose APIs for tokenizing credit or debit cards as well as process transactions. We also created an interceptor that watches web requests and replaces cards with tokens and tokens with cards.
Challenges I ran into
Allowing our interceptor to be configurable per communication channel monitored was something we really had to think through. In the end, we were able to create a configuration file that fully changes the function of the interceptor which allows it to be used in many areas without having to make code changes to the app.
Accomplishments that I'm proud of
The teamwork that it took from a coding, business plan, and architecture perspective was really good.
What I learned
We learned a lot about FusionFabric.cloud and that many of our teams around the world are facing the same challenges that my team faces.
What's next for CardVault
CardVault has enough business interest that our Product Manager has added it to our roadmap.