nib travel insurance is PCI-DSS certified and supports been the merchant of record. nib Travel insurance also supports processing payments by the partner as part of integrated purchases - In this model nib Travel invoices the partner (‘on account’) For handling on-account purchases contact the nib Travel partnerships team.
nib has a tokenisation endpoint, to support scenarios such as fail over between multiple payment gateways used for redundancy and to support different tender types. This separation is to enforce strict security boundaries and avoid core APIs been involved in PCI scope.
To enable on-account payments the partner needs to be set up in the nib travel systems with on-account functionality enabled. This is ideally suited to bundled purchases embedded as part of a broader travel insurance booking flow.
When making the payment method the following request should be sent as part of the Purchase API. It is not necessary to send tokenised credit card information if the payment method been utilised is on-account.
To tokenise the request you need to send the card information to the Card tokenisation endpoint. This provides a one-time use token endpoint for any purchase transactions.
To support this you can pass in the following request to the card token API. This returns a token that can be used in the Quote API Booking request:
This section documents use-cases about integration with WPAY as a payment gateway. This is applicable for Partners using WPAY as their payment gateway.
The Partner will need to fetch the token / paymentid from WPAY and while calling the WPAY endpoint they need to make sure of these points :
The partner will make a call to our Purchase API with following updates to the request payload:
In the above example please note that,