Hi,
When making payments with the Ecommerce API, it is recommended that you use the IFrame for 'lower PCI Burden'. It mentions if you use the API and not the IFrame, you will have a 'higher PCI Burden'.
What exactly is the difference between these PCI burdens? Can someone give an example of what the burden would be for 'lower PCI Burden' and an example of a 'high PCI Burden'?
Thanks!
For the most part this has to do with the SAQ level - https://www.pcisecuritystandards.org/pci_security/completing_self_assessment.... In general our iFrame will be SAQ-A.
If you choose to tokenize the card via API then you should have an up-to-date PCI AOC - https://www.pcisecuritystandards.org/documents/PCI-DSS-v3_2_1-AOC-ServiceProviders.pdf.
If you don't understand these terms then you should do more research on PCI compliance, etc.
There are a few related threads here:
https://community.clover.com/questions/23229/e-commerce-api-api-only-pci-complience.html
https://community.clover.com/questions/22434/clover-developer-webinar-clover-e-commerce-api-qa.html
1 Person is following this question.
