# Handling credit card sources

In the Digital River API, sources created from credit cards are [multi-use](https://docs.digitalriver.com/digital-river-api/payments/payment-sources/..#reusable-or-single-use), [synchronous](https://docs.digitalriver.com/digital-river-api/payments/payment-sources/..#synchronous-or-asynchronous), and [pull-based](https://docs.digitalriver.com/digital-river-api/payments/payment-sources/..#pull-or-push). This means that customers aren't required to re-enter payment details before every payment; they are provided instant notification of a payment's approval status, and the amount charged to the card can be updated repeatedly throughout the checkout process.

The Sources API supports a [wide range of credit cards](https://docs.digitalriver.com/digital-river-api/payments/payment-sources/..#payment-methods).

## Creating a credit card source

To ensure that you remain PCI compliant, credit card Source objects are [created by DigitalRiver.js](https://docs.digitalriver.com/digital-river-api/payment-integrations-1/digitalriver.js/quick-start#step-1-include-digitalriver-js-on-your-page) and then returned to your integration.

You must [include the DigitalRiver.js library](https://docs.digitalriver.com/digital-river-api/payment-integrations-1/digitalriver.js/quick-start#step-1-include-digitalriver-js-on-your-page) on your payment collection form to create a credit card source. You then [create your payment form](https://docs.digitalriver.com/digital-river-api/payment-integrations-1/digitalriver.js/quick-start#step-2-create-your-payment-form) and [embed elements](https://docs.digitalriver.com/digital-river-api/payment-integrations-1/digitalriver.js/quick-start#step-3-create-and-embed-elements) on it. Once a customer has supplied payment details, you pass the data to DigitalRiver.js to [create the payment source](https://docs.digitalriver.com/digital-river-api/payment-integrations-1/digitalriver.js/quick-start#step-4-use-digitalriver-js-to-create-a-payment-source). We then return a source identifier to your integration.

## Charging a credit card source

You can either [attach the Source to a Customer](https://docs.digitalriver.com/digital-river-api/payments/using-the-source-identifier#attaching-sources-to-customers) for use in the current Checkout and potentially reuse it in future payments or [attach it directly to a Checkout](https://docs.digitalriver.com/digital-river-api/payments/using-the-source-identifier#attaching-sources-to-checkouts). In the latter case, the Source cannot be reused and will have a [state](https://docs.digitalriver.com/digital-river-api/payments/payment-sources/..#source-state) of `consumed` once charged.

{% hint style="danger" %}
Credit card sources should be used shortly after they are created. This is because CVC data expires within a few minutes. Orders created with cards that lack CVCs are more likely to be declined and pose a greater fraud risk.
{% endhint %}

Once you have attached the Source to a Customer or directly to a Checkout, Digital River can then use it to create a [Charge object](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/charges/charge-basics) when you [submit an Order](https://docs.digitalriver.com/digital-river-api/order-management/creating-and-updating-an-order).