You can now use Carbon for the sale of your own digital assets. While we have an ever-growing list of tokens we offer for sale, it is not all encompassing. If your project uses a cryptocurrency or NFT that is not available through our standard Credit/Debit Purchases API, Carbon is still right for you thanks to our payment gateway.
You can also use the payment gateway to sell tokens we already offer
For partners that would like to control their own liquidity
With the payments gateway, Carbon processes payments by the user, before you, the integrator, fulfills the delivery of the assets acting as a more traditional payments processor.
The general flow is as follows :
- The user initiates the purchase and enters their credit card information.*
- The card is verified as 3D Secure enrolled. The users complete 3ds authentication with their bank. Carbon processes the charge and authorizes the card to complete checkout.
- Carbon sends a response to the integrating server to indicate that the charge was successful.
- The integrator delivers the digital assets to the user and indicates to Carbon's server the purchase has been filled.
- Carbon pays out the processed funds to the payment gateway integrator at determined settlement times.
*For complete PCI compliance, we strongly recommend integrating our checkout widget to isolate collecting, transmitting, and storing sensitive cardholder data to us.
While digital assets are our speciality, you can use our payment gateway to sell almost anything so long as our compliance team approves.
Tokenization & PCI Compliance Aside
While we do offer the option to render your own payment card form and collect payment card information without tokenization, doing so will significantly increase your PCI exposure and burden. Integrating our checkout widget will isolate dealing with raw cardholder data to our side and you as the partner only have to concern yourself with tokenized payment card data.
Tokenization involves exchanging sensitive data for a non-sensitive identifier that is internally mapped in a system (in this case our credit/debit card vault) to payment card information. Note that we never store unencrypted card numbers or cvc's on our servers in any circumstance. Instead we map tokens to payment card information stored with a third-party security provider and then utilize our credentials with this provider to add cards and authorize payments with our network of processors. By only dealing with tokenized cardholder data, you by and large isolate PCI liability to us.
To learn more about PCI and our security practices, please go here
Before deciding if the payment gateway is right for you
Read about our legal requirements.