Answer the question
In order to leave comments, you need to log in
Own module for accepting card payments on the site?
I wrote a module for accepting bank card payments for my website. What will happen if I use this script without pci diss, etc. What will be the consequences? Payments go through the bank's payment gateway and arrive on my card.
Answer the question
In order to leave comments, you need to log in
It is not you who accepts the payment, but the same banking gateway. You do not need pci diss, because the banking gateway already has it.
when connecting to the gateway to send card data via the API, you will be asked for PCI DSS compliance - and if you do not have it, they simply will not connect.
If you want a card entry form on your site - the easiest way is to load the fields for entering the number and CVC card from the payment gateway site via an iframe, then you will need a minimum. According to the standard iframe and redirect equally require the same requirements - filling out the SAQ A sheet
example docs.mandarinbank.com/api_v2.html#hostedpay
If on your side there is data processing and storage, as well as a payment page for entering card data, then the minimum that this article can fly for fraud. In this way, card data is stolen, for their further cashing out without the knowledge of the owners. It will arrive exactly after one of the cards has an unauthorized write-off and the issuing bank starts an investigation.
If there is no storage and processing on your side, the bank's payment page, then forget it, this is not your concern.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question