question

robb avatar image
robb asked robb commented

Does it need PCI DSS authentication to use API completely

  • Does it need PCI DSS authentication to use API completely

REST API
10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

·
ben-m avatar image
ben-m answered robb commented

The term of the requirement used for the API-only approach is PCI Certification. You can use the Iframe to process the card into an encrypted token, and do the rest with the API. That way you will only need to be compliant and not necessarily certified.

Have a look at this article ( Not affiliated ) describing the difference between certification and compliance.

https://corp.sertifi.com/blog/posts/pci-compliance-vs-pci-certification/#:~:text=PCI%20compliance%20is%20a%20necessity,safe%20from%20hackers%20and%20fraudsters.&text=PCI%20certification%20is%20achieved%20through,proper%20procedures%20to%20protect%20data.

1 comment
10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

robb avatar image robb commented ·

Can I use iframe to generate a card token? Whether the Api-only mode can be used .No PCI Certification is required

0 Likes 0 ·

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Welcome to the
Clover Developer Community