Table: csi_iDonate_Tokens
Purpose
The csi_iDonate_Tokens
table is designed to store any saved credit card tokens for use by individuals who are logged in.
Refer to this article on Tokenization to learn more about how payment tokens work. The tokens stored in this table are referred to in the article as LVTs (Low-value tokens) or Security tokens because they cannot be used to process a payment or obtain a card number by themselves. Therefore, this method of storing payment tokens is PCI DSS compliant.
Schema
Column | Type | Notes |
---|---|---|
ID | NVARCHAR(10) | iMIS ID |
Token | NVARCHAR(32) | Token Value/String |
Service | NVARCHAR(32) | Name of the associated service (e.g. “BluePay”) |
ServiceAccount | NVARCHAR(32) | (BluePay) Account ID associated with this token |
Type | NVARCHAR(32) | Credit Card Account type (Visa/Discover/etc) or “ACH” for ACH. |
LastFour | NVARCHAR(4) | Last 4 digits of the account number |
ExpMo | NVARCHAR(2) | Expiration month (2-digit) – NULL for ACH |
ExpYr | NVARCHAR(4) | Expiration year (4-digit) – NULL for ACH |
ValidThrough | DATETIME | Computed expiration date of the credit card, but does not consider optional BluePay Account Updater feature, so should not be used for any important calculations – NULL for ACH |
LastUsed | DATETIME | The date that this token was last used as a gift payment method |
Primary Key: Composed of (Token, Service, ServiceAccount) – one record may not have the same token per service name per service account.
Notes
A user may have more than one payment token
A token may appear expired based on the initial expiration date or ValidThrough date, but may renew automatically via BluePay’s account auto updatre feature, if enabled
A token that is known to be invalid/expired should be deleted from this table
Users may elect to delete their stored payment tokens from this table via the CSiDonate donation form – this feature will be made available in a future update to the product
“Service” will always be “BluePay” at the time of writing this documentation