Stored payment methods allow payers to reuse payment credentials across transactions.
All stored payment methods are backed by NPS tokens.
Key idea:
The Profile Service never stores raw payment credentials — only tokens.
The Profile Service never stores raw payment credentials — only tokens.
Stored methods may represent:
- Cards (PAN or network tokens)
- Wallet credentials
- ACH accounts
Only non‑PCI metadata (last four, brand, expiration) is stored.
A stored payment method is owned by:
- A Person, or
- An Organization
It may then be associated to one or more Accounts where that owner is a payer.
For automatic payments:
- Each Account may have one active auto‑pay payment method
- The payer must be explicitly authorized on the Account
This keeps responsibility and automation unambiguous.
Stored payment methods participate in Payment Credential Lifecycle Management.
- Underlying credentials may be updated automatically
- The client‑facing token does not change
- Update events may be emitted via notifications
- Payments use tokens for transaction submission
- Billing and recurring services select eligible methods
- Invoices and widgets display masked details to payers
- Payment Widget allows additions, updates, and removal of payment methods and autopay contracts.
The Profile Service may be used as a standalone payment-method vault.
In this mode:
- Payment methods are owned by a Person or Organization
- No Account association is required
- Tokens may be retrieved and used directly with the Payments API
- The Payment Widget can manage payment methods without invoices or balances
This pattern is commonly used for:
- One-off payments
- Donations
- Account-less checkouts
- Partner-hosted payment experiences
- Stored payment methods are token‑only
- Ownership and authorization are explicit
- Auto‑pay rules are enforced at the account level
- Lifecycle updates happen automatically