Cards
| Metadata | Value |
|---|
| TAM Boundary | #9 of 12 |
| Mission | Tokenization, BIN data |
| Key Capabilities | Card tokenization, BIN lookup, PCI data handling, token vault |
| Last Scanned | 2026-01-09 |
Overview
The Cards boundary manages sensitive card data handling including tokenization services, BIN (Bank Identification Number) lookup, and PCI-compliant card storage. This boundary ensures secure handling of card data across all payment channels.
Applications
- Token Service - Card tokenization (multiple implementations)
- PCI Proxy - PCI-compliant proxy and tokenization
- BIN Lookup - Card BIN data services
- Token Vault - Secure token storage
Repository Inventory
Architecture Notes
Tokenization Flow
Card Data → Token Service → Token + Vault Reference
│
└── 3CTOKENDB (token storage)
Token Services
Multiple implementations exist:
- pgid-token (Java) - Integra tokenization
- TokenService (C#) - .NET token service
- token-vault (Java) - PCI Proxy tokens
- pci-proxy (Java) - Datatrans tokenization
BIN Data
- BIN lookup for card identification
- Used in transaction routing decisions
- Data flows to analytics via Flink workers
PCI Compliance
- All card data handling is PCI DSS compliant
- Separate PCI infrastructure (
pci-infracode)
- Token-based approach minimizes PCI scope
Key Integrations
- Integra FE - Card-present tokenization
- Datatrans - E-commerce tokenization
- PSW - Token usage in acquiring
Technology Stack
| Component | Technology |
|---|
| pgid-token | Java |
| TokenService | C# (.NET) |
| token-vault | Java |
| pci-proxy | Java |
| Database | SQL Server (3CTOKENDB) |
| Infrastructure | Terraform |
Strategic Direction
- Unified tokenization service across channels
- Network token adoption (Visa/Mastercard)
- Token lifecycle management
- Enhanced BIN data services
Data Platform Integration
dataeng-dip-etl-bin-lookedup - BIN lookup events to Snowflake- Protobuf contracts for BIN data schema
