question

jbbdev avatar image
jbbdev asked David Marginian answered

PCI Compliance 'Low Burden' VS 'High Burden'

Hi,

When making payments with the Ecommerce API, it is recommended that you use the IFrame for 'lower PCI Burden'. It mentions if you use the API and not the IFrame, you will have a 'higher PCI Burden'.

What exactly is the difference between these PCI burdens? Can someone give an example of what the burden would be for 'lower PCI Burden' and an example of a 'high PCI Burden'?

Thanks!

Paymentsclover developer community
10 |2000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

· Write an Answer
David Marginian avatar image
David Marginian answered

For the most part this has to do with the SAQ level - https://www.pcisecuritystandards.org/pci_security/completing_self_assessment.... In general our iFrame will be SAQ-A.

If you choose to tokenize the card via API then you should have an up-to-date PCI AOC - https://www.pcisecuritystandards.org/documents/PCI-DSS-v3_2_1-AOC-ServiceProviders.pdf.

If you don't understand these terms then you should do more research on PCI compliance, etc.

There are a few related threads here:

https://community.clover.com/questions/23229/e-commerce-api-api-only-pci-complience.html

https://community.clover.com/questions/22434/clover-developer-webinar-clover-e-commerce-api-qa.html




10 |2000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Welcome to the
Clover Developer Community