Security aspects/requirements for showing/using Native Payment Pages on my website?

Aditya Thakur's Avatar

Aditya Thakur

06 Feb, 2017 04:31 AM

Dear CG Team,

I would like to have an idea about the requirements for using native payment pages on my website i.e to accept CREDIT CARD info directly on my website ( not the hosted pages ).
As we have option to leverage CG Rest API's for billing, I would want to make secure and hassle free experience for both customers & client.

Do we need to get PCI Compliance for our website ? Any other aspect we should not miss ?

Thanks & Regards,
Aditya Thakur

  1. Support Staff 1 Posted by Meghan Turner on 06 Feb, 2017 09:58 PM

    Meghan Turner's Avatar

    Hi Aditya,

    Sure, happy to answer your questions.

    No matter what payment page solution you're using (even hosted pages), your site most likely needs to be at some level of PCI compliance. PCI compliance applies to anyone who collects personally identifiable information from card holders which includes information like customer names and emails.You can learn more about the PCI requirements and find the self assessment you'll need at https://www.pcisecuritystandards.org/document_library (check out the SAQ documentation for info about the self assessments). It's likely that you'll need to complete PCI DSS Self-Assessment Questionnaire (SAQ) and a quarterly security scan, but definitely read through the documentation on their website to determine what level of compliance will be best for your situation.

    Data is SSL encrypted when passed through the API, but we recommend (and it is likely required by PCI standards as well) that you have an SSL certificate for any domain that is collecting customer data (i.e. sign up forms, contact requests, etc.).

    Hope that helps, but let me know if you have any other questions!

    Meghan

  2. Meghan Turner closed this discussion on 17 Mar, 2017 07:45 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac