The PCI-DSS compliance problem
In order to comply with the latest PCI-DSS regulation, online checkout pages need to meet a number of online security criteria. Attaining PCI-DSS compliance can be a long and arduous process. To avoid merchants having to attain PCI certification themselves, ZOOZ offers merchants the option to host their checkout pages as an iFrame on ZOOZ servers. Read more about PCI-DSS compliance here.
ZOOZ's iFrame solution - Secure Fields
One of the security criteria for PCI-DSS compliance is for secure transfer of credit card information from the browser to secure servers. Hosting the merchant's checkout page on Zooz's servers ensures secure end-to-end submission and transfer of credit card information in compliance with PCI-DSS regulation.
Is this solution right for my checkout page?
The Secure Fields solution is mostly relevant for web payment pages. For a native app payment page, we recommend implementing our REST API.
For merchants who would like to implement the Secure Fields solution, we provide guidelines that include relevant HTML, CSS, and JavaScript code snippets.
You can also learn more about collecting card information here.
If you need further assistance on how to implement the Secure Fields solution, please contact integration@zooz.com.