Implementation

Implementation

The merchant or integrator can decide whether integrate QMORE Checkout Seamless without the "PCI DSS SAQ A Compliance" feature requiring PCI DSS v3.2.1 certification and compliance with SAQ A-EP, or with the "PCI DSS SAQ A Compliance" feature which was developed especially for QMORE Checkout Seamless and ensures compliance with PCI DSS v3.2.1 and is based on the less stringent SAQ A.

Note: Payment Card Industry Data Security Standard Self-Assessment Questionnaire A is a security standard and best practices in the credit card industry. Following this standard, a merchant’s website is not allowed to handle sensitive credit card-specific data by itself.

SAQ A-EP

When using QMORE Checkout Seamless, sensitive payment data are entered by the consumers in HTML forms in the online shop and directly transferred to QENTA via JavaScript to be stored in the QENTA Data Storage. Although sensitive data are never transferred to the online shop, compliance with the PCI DSS v3.2.1 and corresponding SAQ A-EP is required.

Supported payment methods

For all other supported payment methods data doesn’t need to be stored in the Data Storage before starting the payment process itself.

SAQ A

For "PCI DSS SAQ A Compliance" credit card relevant data are no longer transferred to QENTA via JavaScript but are entered directly in a web form delivered by QENTA. For this purpose, an iframe is displayed containing the relevant credit card input fields where the content of this iframe is directly delivered by QENTA.

Supported payment methods

For all other supported payment methods data doesn’t need to be stored in the Data Storage before starting the payment process itself.