Braintree Checkout Page

While PCI compliance is a mandatory requirement for accepting credit cards, it doesn’t have to be an expensive burden. The latest Payment Card Industry Data Security Standards (PCI DSS) continue to make online shopping safer, but they also make it more difficult for smaller businesses to accept credit cards online. PCI DSS mandates different sets of requirements depending on how an e-commerce site processes credit card payments. By not saving payment information or transferring it to a gateway from your own server, you can minimize the cost PCI DSS imposes on your business.

It is common for e-commerce frameworks to communicate directly with a payment gateway: the web server receives the credit card information and then sends it on to the gateway. A server that handles credit card data is put under heavy PCI scrutiny. Implementing a third-party solution like PayPal, Stripe, BluePay, or Braintree drastically reduces PCI scope because the credit card data is entered on the gateway’s server. In the client checkout page shown, we implemented Braintree’s Hosted Fields, a set of iframes that were customized to seamlessly integrate with the website’s look and feel.
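The scope reduction described above only holds if card numbers never reach the merchant's server, so a checkout endpoint can enforce that. The following is an added example, not code from the original page or from Braintree: it rejects any request body containing a Luhn-valid card number and requires a gateway token instead. The field name `payment_method_nonce` and all function names are assumptions made for illustration.

```javascript
// Added example: server-side guard for an iframe-based (Hosted Fields style) checkout.
// Assumption: the browser posts a gateway token in a field named payment_method_nonce.

// Luhn checksum: true when the digit string passes the card-number check.
function luhnValid(digits) {
  let sum = 0;
  let doubleIt = false;
  for (let i = digits.length - 1; i >= 0; i--) {
    let d = digits.charCodeAt(i) - 48;
    if (doubleIt) {
      d *= 2;
      if (d > 9) d -= 9;
    }
    sum += d;
    doubleIt = !doubleIt;
  }
  return sum % 10 === 0;
}

// True when a value holds a 13-19 digit run (spaces or dashes allowed) that passes Luhn.
function looksLikePan(value) {
  if (typeof value !== "string" && typeof value !== "number") return false;
  const candidates = String(value).match(/\d(?:[ -]?\d){12,18}/g) || [];
  return candidates.some((c) => luhnValid(c.replace(/[ -]/g, "")));
}

// Walk the parsed request body and collect the paths of fields that hold a card number.
function findCardData(body, path = "") {
  const hits = [];
  for (const [key, value] of Object.entries(body)) {
    const here = path ? `${path}.${key}` : key;
    if (value !== null && typeof value === "object") {
      hits.push(...findCardData(value, here));
    } else if (looksLikePan(value)) {
      hits.push(here);
    }
  }
  return hits;
}

// Accept the checkout only if it carries a token and no raw card number.
function validateCheckout(body) {
  const leaked = findCardData(body);
  if (leaked.length > 0) return { ok: false, reason: "card_data_in_request", fields: leaked };
  if (typeof body.payment_method_nonce !== "string" || body.payment_method_nonce === "") {
    return { ok: false, reason: "missing_nonce", fields: [] };
  }
  return { ok: true, reason: null, fields: [] };
}
```

A rejection with `card_data_in_request` is worth alerting on, since it means a form or script is posting card data to the server and pulling it back into PCI scope.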

If you would like to minimize your PCI DSS responsibility or integrate with a third-party payment gateway, call us or send us a message.