After going through a difficult PCI certification we wanted to help other Finastra products and potentially our customers or partners not have to go through the same troubles and costs.

What it does

Securely store cardholder data and provide the integrating system with a card-like token. User interface allowing the secure collection of cardholder data. No or minimal integration effort with inline interception preventing the distribution of card numbers API to tokenize card and process a card payment

How I built it

Using node.js we created several micro-services that expose APIs for tokenizing credit or debit cards as well as process transactions. We also created an interceptor that watches web requests and replaces cards with tokens and tokens with cards.

Challenges I ran into

Allowing our interceptor to be configurable per communication channel monitored was something we really had to think through. In the end, we were able to create a configuration file that fully changes the function of the interceptor which allows it to be used in many areas without having to make code changes to the app.

Accomplishments that I'm proud of

The teamwork that it took from a coding, business plan, and architecture perspective was really good.

What I learned

We learned a lot about and that many of our teams around the world are facing the same challenges that my team faces.

What's next for CardVault

CardVault has enough business interest that our Product Manager has added it to our roadmap.

Video Link:

Built With

Share this project: