I am building an eCommerce site that and I would like to integrate Vantiv as the online payments provider. Keeping my system out of PCI scope is a must and so far I've found a couple of ways of doing this:
- Hosted Payment: Express Hosted Payments Pages - Overview
- Vantiv PayPage Integration: https://www.vantiv.com/content/dam/vantiv/developers/eCommerce/Vantiv_PayPage_Integration_Guide_V4.7.pdf
Out of these two, is there a preferred one? Also, Hosted Payment Integration does not support Check/ACH transactions. Is there a way to integrate in a way that would support Credit cards and Check/ACH transactions in the same flow?
Thanks,
Marcin
If you are coding to our eCommerce platform, you should use eProtect (formerly known as PayPage). The document you referenced is an old guide. Please take a look at Vantiv eProtect Integration Guide V6.10. eProtect offers several integration methods, but the one you will likely wish to use in the iFrame option, where we host sensitive fields (i.e., card number, CVV, etc.) such that the information is never exposed to your systems.
Unfortunately, the eProtect solution does not include eChecks; however, eCheck information is not covered by PCI requirement, so will not bring your systems into additional PCI scope. We do support tokenization of eCheck account numbers, just not through eProtect. The tokenization of the eCheck info will allow you to avoid the storage of the eCheck info on your system and reduce any security concerns you may have on that front.
If you have additional questions, please post them here and I'll try to answer them, or find someone else who can.
Tom