A payment method nonce is a secure, one-time-use reference to payment information. It's the key element that allows your server to communicate sensitive payment information to Braintree without ever touching the raw data.

Payment method types

Any type of payment method can be referenced by a payment method nonce. This can help keep your integration simple and lightweight; for example, you could use the same server-side code for creating a PayPal transaction as you use for creating a credit card transaction.

Security

Security is important for all payment method types, but it's particularly critical for cards.

The Payment Card Industry Security Standards Council mandates compliance with their Data Security Standard (PCI DSS), and the less exposure your business has to raw card data, the easier it is to demonstrate compliance. Using payment method nonces in place of raw card data helps keep your PCI compliance burden to a minimum.

Learn more about security and PCI compliance in our support articles.

Functionality

Braintree's servers generate payment method nonces in response to requests from our client and server SDKs.

In general, your client will be responsible for receiving payment method nonces from Braintree and sending them to your server. Your server will then be responsible for sending those payment method nonces back to Braintree on requests to perform certain actions.

You'll need payment method nonces for two main purposes:

Lifespan

A payment method nonce may only be used once. If it is not used, it expires 3 hours after being created.

Learn more

See more documentation on payment method nonces:

Still have questions?

If you can’t find an answer, contact our Support team.