Vault Technology for Mid-Back Office (MBO) Credit Card Storage

Mid OfficePCI DSSCredit Card Tokenization

Vault Technology for Mid-Back Office (MBO) Credit Card Storage

Mid OfficePCI DSSCredit Card Tokenization

Vault Technology for Mid-Back Office (MBO) Credit Card Storage

Mid OfficePCI DSSCredit Card Tokenization

Travel management companies (TMCs)

Travel management companies (TMCs) commonly arrange credit card payment methods with their corporate clients. These companies are required to securely store corporate credit card details and use them for charging customers or providing payment information for services like airline ticketing or hotel reservations.

Traditionally, credit card data is stored either within a back-office accounting system or kept offline, accessible only to authorized personnel such as finance or operations managers.

In most legacy back-office systems, credit card information is stored either in plain text or in an encrypted format. However, the encryption key is often located within the same application or on the machine where the system is installed.

There are several disadvantages of this traditional practice.

Single point of failure for hacking
Restricted access with operational bottleneck
Possible of abuse usage by internal team
Manual handling and limited integration with other systems
Violate PCI-DSS compliance requirements

What Is Credit Card Vault?

The Credit Card Vault is a standalone system that uses credit card tokenization technology and operates on a separate network.
When a travel consultant needs to collect a customer’s credit card information, they can trigger a function from the front or mid-office system that calls the Credit Card Vault API, using details such as the customer ID. This API returns a secure card collection link, which is then shared with the customer.
Step 1

The customer enters their card information directly through this link, ensuring that the travel consultant never sees the full card number.

Step 2

These systems retain only the customer profile, a masked version of the card number, and the corresponding token.

Step 3

Once submitted, the card number is stored in the Credit Card Vault’s database in strong encrypted form, with each entry protected by a unique encryption key managed through AWS Key Management Service (KMS). A token is generated for the card and returned to the front or mid-office system.

Step 4

When it’s time to issue an air ticket, the consultant simply selects the masked card. The mid-office system then uses the token—along with verification data like the customer ID—to call the Vault API, retrieve the decrypted card number securely, and submit it to the GDS for ticket issuance.

The approach ensures that

  • The back office only processes financial data, allowing it to be excluded from PCI DSS scope.
  • Travel consultants can operate efficiently without ever accessing sensitive card numbers

Need help with NDC? Let’s strategize together!

Contact Us

Choosing The Appropriate NDC Implementation Strategy
NDCOnline Booking SiteCorporate Booking Tool
Next Case Study
Choosing The Appropriate NDC Implementation Strategy
NDCOnline Booking SiteCorporate Booking Tool
Next Case Study
Choosing The Appropriate NDC Implementation Strategy
NDCOnline Booking SiteCorporate Booking Tool
Next Case Study
Travel Solutions
Corporate Booking ToolMid-Back OfficeInternet Booking Engine
About Us
We Are ForeceptsOur TeamCore Idea & Beliefs
Case Studies
Join Us
Contact Us
© Copyright 2025 Forecepts Pte Ltd. All Rights Reserved.
Travel Solutions
Corporate Booking ToolMid-Back OfficeInternet Booking Engine
About Us
We Are ForeceptsOur TeamCore Idea & Beliefs
Case Studies
Join Us
Contact Us
© Copyright 2025 Forecepts Pte Ltd. All Rights Reserved.
Travel Solutions
Corporate Booking ToolMid-Back OfficeInternet Booking Engine
About Us
We Are ForeceptsOur TeamCore Idea & Beliefs
Case Studies Join Us Contact Us
Follow Us On
© Copyright 2025 Forecepts Pte Ltd. All Rights Reserved.