Our app utilizes the merchant account in the payment gateway. We have another 3rd party vendor who will also be using the same merchant account in the payment gateway. The 3rd party vendor will accept the initial payment and we plan to process the auto-renewals directly through the app.
My question is, if the 3rd party accepts the initial payment and generates the tokenized credit card, can they share the token with the app via API so that we can process the auto-renewal payments? Is this possible and are there any possible issues with this?
From my understanding, this token can't be used in any other merchant account, so even if it is found, it is not useful to anyone else. Am I correct in this understanding?
