Payments—whether by consumers or businesses—are increasingly being made through digital channels. After all, online acceptance streamlines processes, eases demands on staff, and improves the customer experience. While the shift to digital offers a fast and convenient way for customers to pay, it unfortunately increases opportunities for hackers to break into systems and steal valuable card data. That’s why it’s more important than ever for software providers and their end users to employ security technologies that protect systems and networks from handling or storing sensitive payment details captured in online forms. Implementing these solutions also reduces the scope of vulnerable data, which simplifies PCI DSS compliance validation.
|Security Solution||In-page client-side tokenization||Hosted checkout page|
|Checkout Experience||Full control using your own pages||Redirect customers to a hosted page|
|Branding||Full customization of your own pages||Limited: add your logo and change colors|
|Speed to Launch||Days||Minutes|
|One-Time Transaction Capture||Yes||Yes|
|Save Cards on File||Yes||Yes|
|PCI Complexity Level||Moderate, SAQ A-EP||Simple, SAQ A|
Tokenization is the process of turning important data into a string of characters that serves as a reference to the original data, and has no value if breached. It allows for the collection of sensitive payment details directly from customers in a secure manner and, in return, issues a token representing this information to process payments. By tokenizing sensitive data, liability is reduced, simplifying PCI DSS compliance requirements.
The returned tokens are short-lived, single-use entities meant to be used immediately. They are used for two purposes: 1) to process a charge or refund a transaction, or 2) to store the payment information in a secure customer vault for later use, such as future transactions, recurring, and subscription payments.
If any of your customers just need a simple and secure way to accept payments on their website, consider implementing Hosted Payments. It allows them to quickly and easily turn their website into a convenient place for their customers to pay for goods and services from their desktop, phone or tablet without the embed payments software.
Hosted Payments adds a simple “Buy Now” or “Pay Now” button to a website that automatically redirects customers to a secure billing page where they enter their payment information. PayJunction’s Hosted Payments allows merchants to add a logo, customize the color palette, and specify information to collect.
Since PayJunction hosts the secure payment form, the sensitive payment information never passes through your website or servers. Therefore, all the data collected remains outside of PCI scope, which means the business will typically qualify for a simplified PCI DSS compliance validation process.
Hosted Payments is a standard feature that is available for all PayJunction customers. It is simple to set-up and offers options for collecting e-commerce payments via a shopping cart or collecting outstanding balances for invoices.
No matter which method you choose, you can rest easy knowing that the sensitive payment details collected are secure, and that your customers and their customers are protected.
Still have questions? Leave a comment below, we’d be happy to discuss more with you.