PCI compliance in itself is not something we can cover in the forums or even fully in our docs, there’s just far too much information to step through.
The First Data Payeezy payment method is an ‘Onsite’ payment method using the Direct API meaning it requires SAQ-D (the ‘highest’ level of compliance) on your end. Card data is not stored by Event Espresso itself, yet all of the details are captured on and sent from your server.
Does data get stored temporarily on our site or does it pass directly to the gateway?
PCI compliance covers not only storage but the transmission of data, which means with that payment method you need the highest level of compliance.
If you are looking for a payment method with a lower PCI requirement on your end I would recommend switching to Stripe or PayPal Express.
My apologies but I don’t understand your question.
What would a custom gateway do with a Payeezy URL?
If you mean can a custom payment method be created to use a different integration method (for example a hosted checkout) requiring less PCI compliance, then yes but you are basically then building your own payment method, its not a simply a sending a URL.
Viewing 3 reply threads
The support post ‘Flow of Credit Card Data’ is closed to new replies.
Have a question about this support post? Create a new support post in our support forums and include a link to this existing support post so we can help you.
Support forum for Event Espresso 3 and Event Espresso 4.