Card data never enters chat
The separation between conversation and card data is enforced at multiple levels:
- No agent prompt instructs or allows collection of card numbers, CVV, or expiry dates in conversation. Agent system prompts explicitly scope the conversation to non-sensitive data collection — destination, amount, recipient, payout method.
- get_payment_methods() returns display names only — the tool function returns card identifiers such as “Visa ending 1234”, never raw card numbers, CVV, or expiry dates. Agents present these display names for the sender to select a saved payment method.
- Card entry happens exclusively in the external web widget — when a new card is required, the agent generates an authenticated short link. The sender opens the link in their browser and enters card details in the widget’s PCI-scoped environment.
The conversational AI layer has zero exposure to raw card data at any point in the transaction lifecycle.
Tokenized card handling
Card data that returns from the web widget to Lola Send’s backend is always tokenized:
- Callback payloads from the widget contain tokenized card references (e.g., tok_sandbox_...), not raw card numbers
- Card security codes are also tokenized in callback payloads
- Sealed responses use Base64-encoded encrypted payloads for sensitive card-related data (ANI/AVS verification responses)
- The backend processes tokenized references exclusively — it never receives or stores raw card numbers from the widget flow
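As an added example (not Lola Send's code), a backend-side guard can enforce the tokens-only rule on a widget callback by rejecting any payload that contains a Luhn-valid 13 to 19 digit run and by requiring token-shaped references. The field names `card_token` and `cvc_token` and the `tok_` prefix check are assumptions modeled on the `tok_sandbox_...` example above; the sample payloads are constructed.

```python
import re

# Assumption: token references share the "tok_" prefix of the page's tok_sandbox_... example.
TOKEN_RE = re.compile(r"^tok_[A-Za-z0-9_]+$")
# 13-19 digits, optionally separated by single spaces or hyphens.
PAN_CANDIDATE_RE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")

def luhn_ok(digits: str) -> bool:
    """Luhn checksum: double every second digit from the right."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0

def find_pan_paths(node, path="$"):
    """Yield the JSON path of every value holding a Luhn-valid card-length digit run."""
    if isinstance(node, dict):
        for key, value in node.items():
            yield from find_pan_paths(value, f"{path}.{key}")
    elif isinstance(node, list):
        for i, value in enumerate(node):
            yield from find_pan_paths(value, f"{path}[{i}]")
    elif isinstance(node, (str, int)) and not isinstance(node, bool):
        for match in PAN_CANDIDATE_RE.finditer(str(node)):
            if luhn_ok(re.sub(r"\D", "", match.group())):
                yield path
                break

def validate_callback(payload: dict) -> list:
    """Return violations; an empty list means the payload carries tokens only."""
    problems = [f"PAN-like value at {p}" for p in find_pan_paths(payload)]
    for field in ("card_token", "cvc_token"):  # hypothetical field names
        if not TOKEN_RE.match(str(payload.get(field, ""))):
            problems.append(f"{field} is not a token reference")
    return problems

# Constructed sample payloads (4111 1111 1111 1111 is a public test number).
GOOD = {"card_token": "tok_sandbox_abc123", "cvc_token": "tok_sandbox_def456",
        "display": "Visa ending 1234"}
BAD = {"card_token": "4111 1111 1111 1111", "cvc_token": "tok_sandbox_def456"}
NESTED = {"card_token": "tok_sandbox_a", "cvc_token": "tok_sandbox_b",
          "debug": [{"raw": 4111111111111111}]}

if __name__ == "__main__":
    for name, sample in (("GOOD", GOOD), ("BAD", BAD), ("NESTED", NESTED)):
        print(name, validate_callback(sample))
```

A violation should fail the request before the payload is logged or persisted, since the rejected body may itself contain cardholder data.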
Card vaulting
The web widget integrates with card vault infrastructure (VGS or equivalent tokenization provider) using a proxy-based architecture:
Card capture in PCI-scoped iframe
The sender enters card details into the widget’s PCI-scoped iframe. Raw card data exists only within this isolated browser context.
Direct transmission to vault
Raw card data is sent directly from the sender’s browser to the vault provider. It does not traverse Lola Send’s network, API servers, or any middleware.
Token returned to widget
The vault provider returns a token representing the card. The widget receives only this token — the raw card data has already been captured and secured by the vault.
PCI DSS scope reduction
Because raw card data is captured and vaulted entirely outside Lola Send’s agentic layer:
- The conversational infrastructure — Celai, agents, Redis, middleware — operates outside PCI DSS scope
- The web widget is the only component in the PCI boundary, and it delegates card capture to the vault provider’s PCI-certified infrastructure
- Lola Send’s backend handles only tokenized references, which are not considered cardholder data under PCI DSS
Separation of concerns
| Layer | Responsibility | Card data access |
|---|---|---|
| Chat (Celai) | Conversation orchestration, data collection, quoting | None — display names only |
| Web widget | CIP verification, card authorization | Tokenized — raw data sent directly to vault |
| Card vault (VGS) | Card capture, tokenization, storage | Full — PCI-certified infrastructure |
| Backend | Operation execution using tokens | Tokenized references only |
Each layer in the stack has the minimum card data access required for its function. The conversational layer has none. The widget handles only tokens. Only the PCI-certified vault touches raw card data.