3 posts / 0 new
Last post
alonraskin3139
Integrating Swipe Devices with Payeezy

Hi,

I am evaluating Payeezy for use with a swipe device but I have some concerns regarding security/PCI compliance.
I dont see an SDK or a mag stripe reader available for use with Payeezy. Can you confirm whether one is available?

If one is not available I assume we can just use one that will let us read the number from the device and then pass that to the appropriate SDK to get the token. Is that correct? Does the fact that the our code is handling the CC number on the mobile device mean that we are no longer PCI compliant or does it only become an issue if we send the CC number to our server?

Here is the workflow i have in my mind.
1. User swipes Credit Card (CC) on iPad which has a Mag Stripe Reader attached
2. The API for the reader reads the CC number and passes it to our code
3. Our code sends this to the Payeezy API to obtain a token
4. The token is sent to our server for charging later on

Does the fact that the CC number is handled by our code on the device cause a PCI issue?


sergeyparamonov3811
Re: Integrating Swipe Devices with Payeezy

My understanding is that there is a difference between scenarios Card-Present and Card-Not-Present. Seems that Payeezy is targeted for card not present scenario which is typical for e-commerce website. For card present scenario you would need to submit the entire Track data (the whole thing that you get when you swipe the card). I am assuming that by presenting the whole track data you can show the system that you actually have the card.

Now, I don't know if you can charge the card without CVV code using Payeezy and would like to understand that as well. You can develop a form where you parse Track data into name, card number and stuff and then have another field for a manual CVV input, but this doesn't seem ideal to me. And then this seems to use a card not present scenario when the card is actually present and I am not sure what kind of implications this brings with card issuers license agreements.

I would like to get a clarification on this as well.


rohitrajagopal3402
Re: Integrating Swipe Devices with Payeezy

Hi Alon,

 Sergey is right. Payeezy APIs are an e-commerce/m-commerce offering.

However, Payeezy gateway allows magstripe devices to be used in conjunction with RPM. More information on this is available on this page: https://support.payeezy.com/hc/en-us/articles/203731299-Using-a-Retail-Swipe-Device-with-RPM

Regards,

Payeezy Team