Payments PCI Compliance
Gotransverse is PCI Data Security Standard (DSS) Level 1 compliant. Therefore, tenant PCI compliance is important to us.
Gotransverse offers two methods of payment integration:
-
Payments.js
-
Direct API Submission of Credit Cards
For more information about PCI standards, refer to the PCI Security Standards Council 
. For more information about PCI DSS self-assessment questionnaires, refer to Understanding the SAQs for PCI DSS version 3 .
The following list describes each method and their respective PCI responsibility:
-
Payments.js — Payments.js provides a hosted form that partially shields a tenant from PCI compliance by submitting the credit card information directly from the browser to Gotransverse. A token is returned, which is then submitted as a payment via API. This option qualifies you for the PCI Data Security Standard Self-Assessment Questionnaire A-EP and Attestation of Compliance
.
PCI Hosted Form
-
Direct API Submission of Credit Cards — Direct submission of credit cards pulls the tenant into PCI scope. The tenant collects the credit card in their form, submits to their server, and then makes an API call to Gotransverse to pass the credit card information. Your merchant bank account provider will require you to complete the PCI Data Security Standard Self-Assessment Questionnaire C and Attestation of Compliance
.
PCI API