If you are dealing with payments in any capacity, you absolutely should be concerned about PCI. We encourage all merchants to learn more about PCI DSS compliance, and to develop and implement a strategy to reduce and protect the cardholder data environment. And if you have further questions pertaining to PCI, please feel free to reach out to us.
How you view PCI will guide which integration makes the most sense for your business. There are several primary factors to consider: how much flexibility you want within your payments page, how risk averse your business is with respect to cardholder data, and whether or not you have the right IT resources.
Hosted Payment Page (HPP) or Hosted Checkout (HCO) - this integration method will offer you the quickest path to market for your payments page. In essence, we provide template payments pages that are hosted within our domain which will guarantee that you never have to touch cardholder data. Some configuration is available with respect to cascading style sheets, logo placement, etc.
Direct API - this integration method allows you to retain full control over branding & look and feel of your payments page. The page is fully within your domain, and you can design the page however you like including where you place payment entry fields. Once all necessary information is gathered just execute the instructions against our APIs. Since the page is within your domain, any responsibilities associated with collecting cardholder data and/or PCI compliance will also fall within your domain. Learn more.
Payeezy.js - this integration method offers the best of both worlds. Card entry fields execute a .js script that tokenizes the cardholder data within our domain such that you are never touching that information. And of course, you can still design the page however you like. Learn more.
