Tokenized Card Details

Overview

The Sylius Adyen Plugin implements full support for Adyen’s card tokenization feature, allowing merchants to:

• Save card details for logged-in customers,

• Reuse saved cards for future purchases,

• Securely store only tokens (PCI DSS compliant),

• Let customers manage and delete their stored cards.

📖 Reference: Tokenization for recurring payments

Security and Compliance

PCI DSS

• Raw card details are never stored locally,

• Only Adyen-issued tokens are persisted.

Authentication

• Tokenization is available only for logged-in customers,

• Each token is linked to a specific shopperReference,

• Ownership is checked before deletion.

Strong Customer Authentication (SCA)

• The first transaction requires full authentication (e.g., 3D Secure),

• Subsequent payments may be treated as merchant-initiated and exempt from SCA.

Customer Experience

In the Adyen Drop-in component, customers see:

• A "Save for my next payment" checkbox when entering new card details,

• A list of saved cards on subsequent checkouts,

• An option to remove stored cards from their account.

Summary

With this integration, the Sylius Adyen Plugin provides a secure, PCI DSS–compliant, and customer-friendly card storage solution, enabling recurring purchases and faster checkout, fully aligned with PSD2 and SCA requirements.