|
Katie Klumb
|
October 4, 2017 at 2:52 pm
Hello-
We’re hoping to limit our server from touching any credit card data, so we can be fully PCI-compliant by filling out the SAQ A or SAQ A-EP forms. For this to happen, the credit card details submitted through the Event Espresso plugin needs to be tokenized through First Data before they hit our web server. Are the credit card details tokenized in this manner, before they hit the web server? Hopefully the plugin uses client-side tokenization. That would really make our PCI-compliance much simpler.
Any light you can shed on this process would be helpful. Thank you!
|
|
Josh
|
October 4, 2017 at 3:36 pm
Hi Katie,
The recommended First Data gateway to use to help with PCI Compliance would be EE3’s First Data E4 gateway. That gateway actually takes the user to First Data’s website so the credit card details don’t hit your server.
If you use Event Espresso 4 The Payeezy gateway from First Data does not use the additional JavaScript to tokenize the credit card info on form submit.
|
