xKey) to identify on what account to process a specific transaction. Each Cardknox product doc will guide you where to set the
xKey(for example: in the body of the request along with all other parameters, in the request header as “Authorization”, in the app settings etc.). You will have a unique
xKeyfor sandbox and production accounts.
xToken. As a merchant’s PCI-compliance scope is greatly increased when storing sensitive data, best-practice is to store the token in your database instead of the sensitive data and use the token for follow-up transactions. With this approach, if a data breach occurs on your local system, sensitive data will not be at risk.
cc:save. For check transactions,