Skip to content
Manual

Choosing integration method

Factors to Consider

  • Business needs: single payments, repeat customers, recurring billing.
  • Regulations: PSD2 / 3-D Secure (3DS) authentication.
  • Development resources: size, skills, flexibility, and availability of your team.
  • PCI DSS level: your involvement in handling card data determines reporting obligations.

Merchant PCI Responsibilities

Integration MethodWho Collects Card DetailsPCI DSS Responsibilities
Payment Page (hosted page):Our system (merchant never touches card data)
  • SAQ-A Quarterly ASV scans (could be outsourced)
Server-to-Server / REST API:Merchant (data entered on merchant checkout)
  • If card data is stored (even temporarily): SAQ-D
  • If card data is not stored (immediately deleted): SAQ-A-EP
  • Must comply with PCI DSS security standards
  • Quarterly ASV scans
  • High-volume merchants may require Level 1 ROC (per VISA, Mastercard, AMEX rules)

Key Features and Benefits

Payment Page

  • Easiest and fastest integration.
  • Handles 3DS and is fully PSD2 compliant.
  • Requires the lowest PCI scope (SAQ-A).

Server-to-Server / REST API

  • Flexible and fully customizable.
  • Supports recurring payments, settlements, refunds, voids, payouts.
  • REST API handles 3DS flows
  • Provides maximum control but requires greater development effort.