Card Data Security container

  • Release version: Australia
  • Updated March 12, 2026
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Card Data Security container

    The Card Data Security container in ServiceNow enables secure handling of Payment Card Information (PCI) within Financial Services Operations card dispute workflows. It integrates with a tokenizer service to protect sensitive card data, allowing users to view and manage card information without directly exposing PCI details. This container requires context-aware authorization configured via OAuth to function properly.

    Show full answer Show less

    Key Features

    • Secure Card Number Display: Shows tokenized card numbers within ServiceNow interfaces and reveals the original card number only on authorized request, protecting PCI data.
    • Secure Document Handling: Allows secure viewing and downloading of documents containing PCI data stored in the tokenizer service.
    • Card Number Input: Provides an embedded iframe interface for securely entering card numbers.
    • Document Upload: Supports uploading files that contain PCI data securely.
    • Configurable UI Components: Features can be customized and extended through UI Builder properties and components.

    Practical Implementation

    The container components appear within UI Builder views. Two key preconfigured components are:

    • Card Number Reveal Component: Automatically included in the card dispute workflow under the transaction record and Dispute Workspace. It retrieves the tokenized PAN from the payment card record and detokenizes it securely on user request.
    • Secure Attachment Viewer: Displays attachments in two tabs—Issuer (files from dispute agents) and Merchant (files from card networks or merchants, securely stored in the tokenizer vault).

    Modifications and additional features like card number input and document upload can be implemented or customized using UI Builder. Configuration involves adding the Card Number Reveal component to your UI Builder page and setting the appropriate viewport load requests with payment card identifiers.

    What This Enables for ServiceNow Customers

    • Securely handle PCI card data in dispute workflows without risking exposure of sensitive information.
    • Comply with PCI data security requirements by leveraging tokenization and controlled detokenization.
    • Easily customize and extend card data handling interfaces within your ServiceNow environment using UI Builder.
    • Manage attachments containing PCI data in a secure and organized manner, differentiating between issuer and merchant sources.

    The Card Data Security container enables secure handling of Payment Card Information (PCI) card data within Financial Services Operations card dispute workflows through integration with a tokenizer service. This allows users to work with sensitive card information without exposing PCI data directly.

    Note:
    Card Data Security container requires context-aware authorization to function correctly. See Set up OAuth for Card Data Security for more information.

    Key capabilities

    This component offers the following capabilities:

    • Secure card number display within the ServiceNow interface via integration with the tokenizer service (preconfigured in Card Data Security)
    • Secure viewing and download of documents stored in the tokenizer service containing PCI data (preconfigured in Card Data Security)
    • Secure card number input through an embedded iframe interface
    • Document upload functionality for files containing PCI data
    • Configurable features through UI Builder properties

    Implementing and modifying the component

    This component displays within UI Builder views.

    Two capabilities are preconfigured in Card Data Security: a card number reveal component and a secure attachment viewer. Use UI Builder to make changes to the preconfigured Card Data Security components.

    You may also use UI Builder to implement features in the Card Data Security container that aren't preconfigured in Card Data Security, such as card number input and document upload.

    For more information about this component's configuration options and adding it to a workspace, see the following resources:

    Card Number Reveal Component

    After installing Card Data Security, the card dispute workflow includes this component as a preconfigured card number reveal component. This component is in the transaction record and the Card details section of the Dispute Workspace.

    In the transaction record page, the value is derived from the PAN field of the payment card linked to the transaction.

    In the dispute workspace, the value is the payment card's tokenized PAN from the disputed financial transaction.

    Note:
    The tokenized PAN value from the tokenizer service is stored in the payment card record's PAN field. When you select the show icon, the card number reveal component detokenizes and displays the original PAN. When you select the hide icon, it restores the redacted value.
    Figure 1. Card number reveal component in Dispute Workspace
    Dispute Workspace showing Card details section with masked card number field.
    Figure 2. Card number reveal component in Transaction record
    Transaction details form showing card number reveal component in card details section.

    This component is a UI Builder page collection called FSO Card Number Reveal Viewport Pages.

    Use UI Builder to move this component elsewhere as required.
    1. Add a viewport to your desired page.
    2. Add the FSO Card Number Reveal Viewport Pages page collection to the viewport.
    3. Create a Viewport load request and define the following values:
      Table 1. Viewport configuration
      Field Value
      Viewport Card Number Reveal Viewport
      Viewport Route <The viewport variant you want to use - select the design from the dispute workspace or the record page form>
      Viewport Fields <The paymentCardSysId value.>
      Note:
      This value is required for the component to function.
    Refer to the related links for more information.

    Displaying and downloading secure attachments

    After installing Card Data Security, the Attachments view in the contextual side panel displays attachments differently at the transaction level. It displays two preconfigured tabs:
    • Issuer, which shows files added by the dispute agent.
    • Merchant, which shows files received from the card network, acquirer, or merchant, stored in the tokenizer service vault.
    For more information, see Manage attachments in Card Data Security.