ProPay supports merchant processing needs by offering both tokenized and non-tokenized approach to accepting credit and debit card payments. ProPay's ProtectPay tokenization service is recommended for most merchants because it enables processing without the need for sensitive data to touch the merchant's own network. Using ProtectPay helps merchants maintain compliance with the PCI data security standard, and allows them to focus on growing a business while ProPay helps to protect sensitive data.
For merchants who are comfortable managing their own data security, and who can validate their own PCI compliance, ProPay provides a simpler API-only option to accept credit and debit cards. Click here to learn about a non-tokenized approach for payment processing. Understand that using a non-tokenized method for processing will be required to validate PCI Compliance with ProPay.
Merchants frequently misunderstand or underestimate their obligations under the PCI Data Security Standard. Systems "fall under the scope" of the PCI DSS whenever they store, process, or transmit cardholder data, but merchants often believe that, so long as they don't actually store card numbers, they don't need to worry about PCI compliance. Such is not the case, and ProtectPay helps merchants deal with this reality by providing what are known as Payer Management Interfaces or PMIs.
The following steps are necessary for integration to a PMI called the "Hosted Payment Page". The HPP will maximize the benefits of using ProtectPay by collecting cardholder data with an interface hosted by ProPay. This interface can be embedded into your own web page as an iframe, and can be controlled remotely, by your web page using code tied to your own submit button. The ability to "remote control" the HPP gives you the benefit of a more synchronous flow, and an assurance that buyers haven't abandoned the sale during payment.
Use this API method to generate an instance of the HPP, and configure it to appear how you like.
Use this method to process a transaction using a token you've already created with a PMI.
Void a credit or debit card transaction before settlement or issue a Refund to the cardholder after transactions have been settled.