Handling Raw Card Data

Learn what's required to handle card data in your own environment.

Finix is certified as a Level 1 Payment Card Industry Data Security Standards (PCI DSS) compliant Service Provider. For more details, see Security and Compliance at Finix.

If you have a Level 1 PCI compliant card data environment (CDE), you don't have to use the forms offered by Finix and can create your own form or flow to collect buyer information.


If you're interested in processing raw card data, contact the Finix Support Team. A Level 1 or 2 PCI Attestation of Compliance (AoC) needs to be provided to Finix to process raw card data.

If you don't have a CDE and want to process payments, use Finix's Tokenization Form to collect buyer information.

To collect raw card data, you need to be fully PCI compliant. If you're not fully PCI compliant, use our Tokenization Form instead.

Processing raw card data is similar to processing other payments that use our Tokenization Forms. Steps include:

Building a Payment Form

The form you create must collect enough information to successfully create an Identity and Payment Instrument for the buyer. The information also needs to be collected in a PCI compliant environment.