Paytabs provides you with a collection of API endpoints which used to process all payments, regardless of if they are through either your own payment pages, the managed payment pages, or if you are using the hosted payment pages.


In this article, we will take you on a journey to understand more about what is PCI requirements, why PayTabs requires them, and what the alternative is.

 

In this article we will walk through the following:




What is PCI DSS?

The Payment Card Industry Data Security Standard (PCI DSS) is a set of information security standards relating to card processing. They were first put into place in 2004 and are updated on a regular basis. Compliance with PCI DSS is mandatory for any organization that handles cards from any of the major card schemes. The PCI Security Standards Council manages the standards.


We highly recommmend you to read more about PCI DSS by checking our What is PCI DSS? and What are the Merchant Requirements? solution article



Why does PayTabs need PCI certification for using payment forms?

The main aim of PCI DSS is to make payment processes safe and secure. Compliance with this standard is important to ensure that the risk of a financial breach is minimized. You may like to check our "What is PCI DSS? and What are the Merchant Requirements?" solution article for more information.



We highly recommmend you to read more about why PayTabs may reqiure PCI DSS by checking our Why Does PayTabs Need PCI Certification For Using Payment Forms? solution article



Managed APIs PCI Requirements


Here, we will walk you through the PCI requirements for our Managed Form integration type. The Managed Form Integration Type is suitable for Merchants who is PCI certified to a minimum of SAQ A-EP. Whilst card details will not be handled by your system, the payment page is displayed on your website. 


You can learn more about the PCI DSS merchant requirements for this SAQ A-EP level from our What is PCI DSS? and What are the Merchant Requirements?

.

    


You should know that if you are not PCI certified, we highly recommend you to use our Hosted Payment Page, and for not redirecting the customer out of your system to the payment page, you may use our embedded hosted payment page as well. 

You also can customize the payment page to have the "Look & Feel" experience the same as your site, just you need to check our How to customize the PayPage (Hosted Payment Page) UI? solution article. 










⌂ To get familiar with the whole process and the other steps, kindly navigate to our "The PT2 API Endpoints Integration Manual" solution article. 

And to get familiar with the rest of the steps regarding the current step "Step 1 - Setup and activate the integration method" click here.

 And to navigate to the next step in the integration process "Step 2 - Configure the integration method" kindly click here.