Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

It's not material to your post but the DPAN isn't detokenized, but is sent to the networks (Visa/MC) to be charged.

Privacy.com serves the purposes of a per-merchant PAN (read: credit card number) online without having to use apple pay.



The DPAN is eventually detokenized prior to submission to the issuer for authentication and payment.

So from Apple Pay wallet -> reader -> acquirer -> network -> issuer, the DPAN is used. When it reaches the issuer, the issuer detokenizes DPAN -> CPAN to process the request. When it responds, it retokenizes etc for the response.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: