Advanced
Pay using iFrame
Use this mode of integration, if you wish to embed the payment form as part of your checkout page.
Create Order
To collect payment from a customer, you first need to create an order with Juspay. Order encapsulates all the information that is required for payment.
Embedding the iFrame
The iframe URL is available as part of the POST /orders API.
Example
{
"order_id": "1478851764",
"id": "ord_e294a26e66ad4336a992ceab81ad704c",
"status": "CREATED",
"status_id": 1,
"payment_links": {
"web": "https://api.juspay.in/merchant/pay/ord_e294a26e66ad4336a992ceab81ad704c",
"mobile": "https://api.juspay.in/merchant/pay/ord_e294a26e66ad4336a992ceab81ad704c?mobile=true",
"iframe": "https://api.juspay.in/merchant/ipay/ord_e294a26e66ad4336a992ceab81ad704c"
}
}
payment_links attribute will be present in /orders API. We have provided three variants to make it easy for your customers. As the name implies, these are best suited for the respective channels.
Variant | Description |
---|---|
web | Renders a desktop-optimized version of the checkout page |
mobile | Renders a mobile-optimized version of the checkout page |
iframe | Provides an iFrame that you can embed as part of your checkout page |
<iframe src="https://api.juspay.in/merchant/ipay/ord_e294a26e66ad4336a992ceab81ad704c"
width="630" height="400"
style="border: 1px solid #CCC;padding: 20px;height: auto;min-height: 300px;">
</iframe>
Mobile optimised form
The mobile variant url is available in payment_links attribute will be present in /orders API. Please see the code below:
<iframe src="https://api.juspay.in/merchant/pay/ord_e294a26e66ad4336a992ceab81ad704c?mobile=true"
width="630" height="400"
style="border: 1px solid #CCC;padding: 20px;height: auto;min-height: 300px;">
</iframe>
This will render a mobile responsive form with all the functionalities included.
Note: The mobile-optimized checkout experience will use the redirect mode to do the authentication.
Using EMI
To support EMI the iFrame payment URL has been enhanced to take additional parameters:
- is_emi: Indicates if EMI is applicable for this transaction. Valid values are true and false.
- emi_bank: Issuing bank of the card
- emi_tenure: Tenure of EMI in months
Note: It is an error to pass is_emi and not pass emi_bank and emi_tenure.
Sample code for creating an iFrame with EMI support:
<iframe src="https://api.juspay.in/merchant/ipay/ord_e294a26e66ad4336a992ceab81ad704c?is_emi=true&emi_tenure=6&emi_bank=HDFC"
width="630" height="400"
style="border: 1px solid #CCC;padding: 20px;height: auto;min-height: 300px;">
</iframe>
Currently supported combinations of emi_bank and emi_tenure are:
EMI Bank | EMI Tenure | Supported Gateways |
---|---|---|
HDFC | 3,6,9,12,18,24 | PAYU, HDFC, RAZORPAY |
CITI | 3,6,9,12,18,24 | PAYU |
ICICI | 3,6,9,12,18,24 | PAYU, ICICI, CCAVENUE, RAZORPAY |
SBI | 3,6,9,12 | PAYU, CCAVENUE, RAZORPAY |
AXIS | 3,6,9,12 | PAYU, ICICI, CCAVENUE, RAZORPAY |
SCB | 3,6,9,12,18,24 | ICICI, PAYU, RAZORPAY |
KOTAK | 3,6,9,12 | ICICI, CCAVENUE, PAYU, RAZORPAY |
HSBC | 3,6,9,12 | ICICI, CCAVENUE, PAYU |
AMEX | 3,6,9,12 | PAYU, CCAVENUE, RAZORPAY |
INDUSIND | 3,6,9,12,18,24 | PAYU, CCAVENUE, RAZORPAY |
RBL | 3,6,9,12,18,24 | RAZORPAY, PAYU |
YES | 3,6,9,12,18,24 | PAYU, RAZORPAY |
ICICIDC | 3,6,9,12 | PAYU |
AXISDC | 3,6,9,12 | PAYU |
HDFCDC | 3,6,9,12,18 | PAYU, BILLDESK |
PCI Compliance
iFrame based integration offers the easiest path to PCI Compliance. Since iFrame is as good as a separate browser window, your website is completely shielded away from getting any sensitive card information. You can become PCI Compliant by simply filling up the PCI DSS SAQ-A questionnaire.
Javascript Integration
Pay-V2.js
Deprecated (please use pay-v3.js)
This mode of integration is an alternative to iFrame based integration. While the iFrame based integration lets you easily get to the market, javascript based integration gives you the ultimate flexibility to define the checkout experience for your customer.
Create order
Order creation has already been explained previously. Follow the same steps mentioned here.
pay-v2.js (deprecated)
pay-v2.js has been deprecated. Migrate to pay-v3.js for better security and reduced compliances. For pay-v3.js integration document, please check this link. If you are looking for pay-v2.js integration document, please continue.
<script type="text/javascript"
src="https://api.juspay.in/pay-v2.js"></script>
Implementing Checkout
Before we get to the details, let's take a quick look at a typical payment form. This is the part you can build with your web framework, or by hand in HTML - whichever way you are used to building forms on the web.
For Cards
<form class="juspay_inline_form" id="payment_form">
<input type="hidden" class="merchant_id" value="guest">
<input type="hidden" class="order_id" value="guest_order"/>
<input type="text" class="card_number" placeholder="Card number">
<input type="text" class="name_on_card" placeholder="Cardholder name">
<input type="text" class="card_exp_month" placeholder="MM"> - <input type="text" class="card_exp_year" placeholder="YYYY">
<input type="text" class="security_code" placeholder="CVV" >
<input type="checkbox" class="juspay_locker_save"> Save card information
<button type="submit" class="make_payment">Pay</button>
<input type="hidden" class="redirect" value="true">
</form>
For Saved Card
<form class="juspay_inline_form" id="payment_form">
<input type="hidden" class="merchant_id" value="guest">
<input type="hidden" class="order_id" value="guest_order"/>
<input type="hidden" class="card_token" >
<input type="text" class="security_code" placeholder="CVV" >
<button type="submit" class="make_payment">Pay</button>
<input type="hidden" class="redirect" value="true">
</form>
For Netbanking
<form class="juspay_inline_form" id="payment_form">
<input type="hidden" class="merchant_id" value="guest">
<input type="hidden" class="order_id" value="guest_order_101"/>
<input type="hidden" class="payment_method_type" value="NB"/>
<select class="payment_method">
<option value="NB_ALLB" label="Allahabad Bank">Allahabad Bank</option>
<option value="NB_ANDHRA" label="Andhra Bank">Andhra Bank</option>
<option value="NB_AXIS" label="Axis Bank">Axis Bank</option>
<option value="NB_BBKM" label="Bank of Bahrain and Kuwait">Bank of Bahrain and Kuwait</option>
<option value="NB_BHARAT" label="Bharat Bank">Bharat Bank</option>
<option value="NB_BOB" label="Bank of Baroda">Bank of Baroda</option>
<option value="NB_BOBCORP" label="Bank of Baroda Corporate">Bank of Baroda Corporate</option>
<option value="NB_BOI" label="Bank of India">Bank of India</option>
<option value="NB_BOM" label="Bank of Maharashtra">Bank of Maharashtra</option>
<option value="NB_CANR" label="Canara Bank">Canara Bank</option>
<option value="NB_CBI" label="Central Bank Of India">Central Bank Of India</option>
<option value="NB_CITI" label="Citi Bank NetBanking">Citi Bank NetBanking</option>
<option value="NB_CORP" label="Corporation Bank">Corporation Bank</option>
<option value="NB_COSMOS" label="COSMOS Bank">COSMOS Bank</option>
<option value="NB_CSB" label="Catholic Syrian Bank">Catholic Syrian Bank</option>
<option value="NB_CUB" label="CityUnion">CityUnion</option>
<option value="NB_DBS" label="DBS Bank">DBS Bank</option>
<option value="NB_DCB" label="Development Credit Bank">Development Credit Bank</option>
<option value="NB_DCBB" label="Development Credit Bank Business">Development Credit Bank Business</option>
<option value="NB_DENA" label="DENA Bank">DENA Bank</option>
<option value="NB_DEUT" label="Deutsche Bank">Deutsche Bank</option>
<option value="NB_DLS" label="Dhanalaxmi Bank">Dhanalaxmi Bank</option>
<option value="NB_FED" label="Federal Bank">Federal Bank</option>
<option value="NB_HDFC" label="HDFC Bank">HDFC Bank</option>
<option value="NB_ICICI" label="ICICI Netbanking">ICICI Netbanking</option>
<option value="NB_IDBI" label="Industrial Development Bank of India">Industrial Development Bank of India</option>
<option value="NB_IDFC" label="IDFC Bank">IDFC Bank</option>
<option value="NB_INDB" label="Indian Bank">Indian Bank</option>
<option value="NB_INDUS" label="IndusInd Bank">IndusInd Bank</option>
<option value="NB_ING" label="ING Vysya Bank">ING Vysya Bank</option>
<option value="NB_IOB" label="Indian Overseas Bank">Indian Overseas Bank</option>
<option value="NB_JNK" label="Jammu and Kashmir Bank">Jammu and Kashmir Bank</option>
<option value="NB_JSB" label="Janata Sahakari Bank">Janata Sahakari Bank</option>
<option value="NB_KARN" label="Karnataka Bank">Karnataka Bank</option>
<option value="NB_KOTAK" label="Kotak Bank">Kotak Bank</option>
<option value="NB_KVB" label="Karur Vysya">Karur Vysya</option>
<option value="NB_KVBCORP" label="Karur Vysya Corporate Banking">Karur Vysya Corporate Banking</option>
<option value="NB_LVB" label="Lakshmi Vilas Bank Retail">Lakshmi Vilas Bank Retail</option>
<option value="NB_LVBCORP" label="Lakshmi Vilas Bank Corporate">Lakshmi Vilas Bank Corporate</option>
<option value="NB_NAIB" label="The Nainital Bank">The Nainital Bank</option>
<option value="NB_NKGSB" label="North Kanara GSB">North Kanara GSB</option>
<option value="NB_OBC" label="Oriental Bank Of Commerce">Oriental Bank Of Commerce</option>
<option value="NB_PMCB" label="Punjab and Maharashtra Coop Bank">Punjab and Maharashtra Coop Bank</option>
<option value="NB_PNB" label="Punjab National Bank">Punjab National Bank</option>
<option value="NB_PNBCORP" label="Punjab National Bank CORPORATE">Punjab National Bank CORPORATE</option>
<option value="NB_PNJSB" label="Punjab and Sind Bank">Punjab and Sind Bank</option>
<option value="NB_RATN" label="Ratnakar Bank">Ratnakar Bank</option>
<option value="NB_RBS" label="Royal Bank of Scotland">Royal Bank of Scotland</option>
<option value="NB_SARASB" label="Saraswat Bank">Saraswat Bank</option>
<option value="NB_SBBJ" label="State Bank of Bikaner and Jaipur">State Bank of Bikaner and Jaipur</option>
<option value="NB_SBH" label="State Bank of Hyderabad">State Bank of Hyderabad</option>
<option value="NB_SBI" label="State Bank of India">State Bank of India</option>
<option value="NB_SBM" label="State Bank of Mysore">State Bank of Mysore</option>
<option value="NB_SBP" label="State Bank of Patiala">State Bank of Patiala</option>
<option value="NB_SBT" label="State Bank of Travancore">State Bank of Travancore</option>
<option value="NB_SCB" label="Standard Chartered Bank">Standard Chartered Bank</option>
<option value="NB_SOIB" label="South Indian Bank">South Indian Bank</option>
<option value="NB_SVC" label="SVC Co operative Bank">SVC Cooperative Bank</option>
<option value="NB_SVCB" label="Shamrao Vithal Cooperative Bank">Shamrao Vithal Cooperative Bank</option>
<option value="NB_SYNB" label="Syndicate Bank">Syndicate Bank</option>
<option value="NB_TMB" label="Tamilnadu Mercantile Bank">Tamilnadu Mercantile Bank</option>
<option value="NB_TNSC" label="Tamilnadu State Apex Coop Bank">Tamilnadu State Apex Coop Bank</option>
<option value="NB_UBI" label="Union Bank of India">Union Bank of India</option>
<option value="NB_UBICORP" label="Union Bank Corporate Banking">Union Bank Corporate Banking</option>
<option value="NB_UCOB" label="UCO Bank">UCO Bank</option>
<option value="NB_UNIB" label="United Bank of India">United Bank of India</option>
<option value="NB_VJYB" label="Vijaya Bank">Vijaya Bank</option>
<option value="NB_YESB" label="YES Bank">YES Bank</option>
</select>
<button type="submit" class="make_payment">Pay</button>
<input type="hidden" class="redirect" value="true">
</form>
For Wallets
<form class="juspay_inline_form" id="payment_form">
<input type="hidden" class="merchant_id" value="guest">
<input type="hidden" class="order_id" value="guest_order_101"/>
<input type="hidden" class="payment_method_type" value="WALLET"/>
<select class="payment_method">
<option value="FREECHARGE" label="Freecharge Wallet">Freecharge Wallet</option>
<option value="JANACASH" label="Jana Cash">Jana Cash</option>
<option value="JIOMONEY" label="JioMoney">JioMoney</option>
<option value="MOBIKWIK" label="Mobikwik Wallet">Mobikwik Wallet</option>
<option value="OLAMONEY" label="Olamoney Wallet">Olamoney Wallet</option>
<option value="PAYZAPP" label="PAYZAPP">PAYZAPP</option>
<option value="PAYTM" label="PayTM Wallet">PayTM Wallet</option>
<option value="PAYUMONEY" label="PayU Money Wallet">PayU Money Wallet</option>
<option value="SBIBUDDY" label="SBI Buddy">SBI Buddy</option>
</select>
<button type="submit" class="make_payment">Pay</button>
<input type="hidden" class="redirect" value="true">
</form>
For UPI Collect
<form class="juspay_inline_form" id="payment_form">
<input type="hidden" class="merchant_id" value="guest">
<input type="hidden" class="order_id" value="guest_order_101"/>
<input type="text" class="upi_vpa" value""/>
<input type="hidden" class="payment_method_type" value="UPI"/>
<input type="hidden" class="payment_method" value="UPI"/>
<input type="hidden" class="txn_type" value="UPI_COLLECT"/>
<button type="submit" class="make_payment">Pay</button>
<input type="hidden" class="redirect" value="true">
</form>
Besides the usual fields, there are some Juspay specific fields that will enable us to process the payment when the form is submitted.
- order_id field represents the order_id of the order object that you have just created.
- merchant_id helps us identify you. Changing this would mean that we credit the payment to someone else's account. So, please be careful with this field!
- payment_method_type identifies the category of the payment instrument being used. It can be one of CARD, NB, WALLET.
- payment_method identifies the actual payment instrument being used. List of payment methods for NetBanking is shown in the form above.
- juspay_locker_save tells us whether we need to store this card after the payment is successful.
- If redirect is true, then we will choose the redirection flow for authentication. Otherwise, a popup window will be used for authentication. By default, popup window will be chosen for authentication.
pay-v2.js listens to the form submit event and transports the card information safely to process it for payment. This is accomplished by the following snippet.
<script type="text/javascript">
Juspay.Setup({
payment_form: "#payment_form",
success_handler: function(status) {},
error_handler: function(error_code, error_message, bank_error_code,
bank_error_message, gateway_id) {},
card_encoding_key: ":card_encoding_key",
card_encoding_version: "YYYY-MM-DD"
})
</script>
Redirect or Popup?
Authentication can be performed either via a popup or using the traditional redirection based flow. In the former, a separate window opens up to conduct the authentication. This popup is closed as soon as the payment is complete. You can control this choice by passing the appropriate value in <span style="color:#f48fb1"redirect element.
In the code snippet above showing Juspay.Setup, there are two handlers success_handler and error_handler. If the payment is successful, then success_handler is invoked. If the payment failed, then <span style="color:#f48fb1"error_handler will be invoked.
Redirect Flow
For mobile, redirection flow is chosen by default. You cannot change this. So, you must always ensure that you have coded the case to handle the redirection flow as well.
Card Form Validation
Validation must be implemented by you. Please ensure the following:
- Card Number must be validated using Luhn Algorithm
- Expiry date must be in future
- CVV (security_code) must be 3 digits for Visa/Mastercard/Rupay and 4 digits for American Express
- Cardholder name must be alphabets & space only
- Expiry & CVV must be made optional for Maestro cards for better coverage
Stored cards
To checkout using the stored card, the form must contain the card_token element and the security_code element. Please see the sample code below.
<form class="juspay_express_form" id="payment_form">
<input type="hidden" class="card_token" value="54eb18a0-c7ca-46a3-b122-448d93a3698a"/>
<input type="hidden" class="merchant_id" value="guest">
<input type="hidden" class="order_id" value="guest_order"/>
<label>
<p>5264-XXXXXXXX-3394</p>
<p>Expires: 10/24</p>
</label>
<input type="text" class="security_code" placeholder="CVV" >
<button type="submit" class="make_payment">Pay</button>
</form>
Binding to Juspay.Setup is same as above. To handle multiple stored cards, you can create separate forms with different identifiers and bind them individually. It is also possible to handle using a single form.
Using EMI
To support EMI the iFrame payment URL has been enhanced to take additional parameters:
- is_emi: Indicates if EMI is applicable for this transaction. Valid values are true and false.
- emi_bank: Issuing bank of the card
- emi_tenure: Tenure of EMI in months
Note: It is an error to pass is_emi and not pass emi_bank and emi_tenure.
Sample form with EMI support:
<form class="juspay_inline_form" id="payment_form">
<input type="hidden" class="merchant_id" value="guest">
<input type="hidden" class="order_id" value="guest_order"/>
<input type="hidden" class="is_emi" value="true" />
<input type="hidden" class="emi_bank" value="HDFC" />
<input type="hidden" class="emi_tenure" value="6" />
<input type="text" class="card_number" placeholder="Card number">
<input type="text" class="name_on_card" placeholder="Cardholder name">
<input type="text" class="card_exp_month" placeholder="MM"> - <input type="text" class="card_exp_year" placeholder="YYYY">
<input type="text" class="security_code" placeholder="CVV" >
<input type="checkbox" class="juspay_locker_save"> Save card information
<button type="submit" class="make_payment">Pay</button>
<input type="hidden" class="redirect" value="false">
</form>
Currently supported combinations of emi_bank and emi_tenure are:
EMI Bank | EMI Tenure | Supported Gateways |
---|---|---|
HDFC | 3,6,9,12,18,24 | PAYU, HDFC, RAZORPAY |
CITI | 3,6,9,12,18,24 | PAYU |
ICICI | 3,6,9,12,18,24 | PAYU, ICICI, CCAVENUE, RAZORPAY |
SBI | 3,6,9,12 | PAYU, CCAVENUE |
AXIS | 3,6,9,12 | PAYU, ICICI, CCAVENUE, RAZORPAY |
SCB | 3,6,9,12,18,24 | ICICI, PAYU |
KOTAK | 3,6,9,12 | ICICI, CCAVENUE, PAYU, RAZORPAY |
HSBC | 3,6,9,12 | ICICI, CCAVENUE, PAYU |
AMEX | 3,6,9,12 | PAYU, CCAVENUE, RAZORPAY |
INDUSIND | 3,6,9,12,18,24 | PAYU, CCAVENUE, RAZORPAY |
RBL | 3,6,9,12,18,24 | RAZORPAY, PAYU |
BOB | 3,6,9,12 | RAZORPAY |
YES | 3,6,9,12,18,24 | PAYU |
ICICIDC | 3,6,9,12 | PAYU |
AXISDC | 3,6,9,12 | PAYU |
HDFCDC | 3,6,9,12,18 | PAYU, BILLDESK |
PCI Compliance
All Juspay clients must be PCI DSS Compliant at all times. When using pay-v2.js, the card information is captured by HTML form which is controlled by your website. This puts your website & domain within the PCI scope. You can achieve compliance by completing the Self Assessment Questionnaire A-EP (SAQ A-EP).
We strongly advise you to upgrade to pay-v3.js.
JS Version | SAQ Requirement |
---|---|
pay.js (legacy) | SAQ A-EP |
pay-v2.js | SAQ A-EP |
iFrame vs Javascript
iFrame vs Javascript
When is iFrame better than Javascript?
- Complete the integration in 2 days flat
- Checkout form is always improving and heavily optimized
- Mobile web experience in Android/iOS suffices
When is Javascript better than iFrame?
- You wish to completely customize the checkout form (development time is higher)
- Give native experience to your customers in Android/iOS
iFrame | Javascript | |
---|---|---|
Development Time | 2 days | 2 weeks |
Form factors supported | Desktop & Mobile | Requires coding |
Ability to customize the checkout form | Medium (styles only) | Very high (you own the form) |
Form validation | Built-in | Requires coding |
Intelligent Maestro handling 19 digit & 16 digits | Built-in | Requires coding |
Switch between stored cards & new card | Built-in | Requires coding |
Android & iOS experience | Mobile Web | Native |
Promotions: Card based Cash back | Rule based support | Yes (build your own) |
Promotions: Card based Discounts | No support | Yes (build your own) |
PCI Compliance | SAQ-A | SAQ-A EP (for pay.js) SAQ-A (for pay-v2.js) |
Switching from iFrame to Javascript
If you get started with iFrame and sometime in the future, would like to transition to Javascript based integration, it is completely feasible to do so.
Payment Links
Payment Links
Now you can send or message payment links to your customers. This will be very convenient for a variety of use cases including Pay on Delivery (an alternative for Cash on Delivery). These links are available as part of the POST /orders API.
Example
{
"order_id": "1478851764",
"id": "ord_e294a26e66ad4336a992ceab81ad704c",
"status": "CREATED",
"status_id": 1,
"payment_links": {
"web": "https://api.juspay.in/merchant/pay/ord_e294a26e66ad4336a992ceab81ad704c",
"mobile": "https://api.juspay.in/merchant/pay/ord_e294a26e66ad4336a992ceab81ad704c?mobile=true",
"iframe": "https://api.juspay.in/merchant/ipay/ord_e294a26e66ad4336a992ceab81ad704c"
}
}
payment_links attribute will be present in /orders API. We have provided three variants to make it easy for your customers. As the name implies, these are best suited for the respective channels.
Variant | Description |
---|---|
web | Renders a desktop optimized version of the checkout page |
mobile | Renders a mobile optimized version of the checkout page |
iframe | Provides an iFrame that you can embed as part of your checkout page |
Payment methods
All the payment methods enabled in your account will be displayed to the user. This is to ensure maximum acceptance which improves your success rate significantly.
Expiry
Links become invalid as soon as the order expires. The default expiry is 15 minutes from the time of creation. This value is customizable via our dashboard. Please follow this link to customize it to your need.
The maximum expiry time is 24 hours. This limit is set due to security restrictions. If you wish to extend the expiry period, then please reach out to us. Your chances of convincing us will improve significantly if you use a good random generator for Order ID attribute.
Pay on Delivery
The link can be directly shared with your customers at the time of product delivery. All the payment options are available to the customer (including stored cards). This makes it very convenient for the customer to pay using their favorite payment option.
The image you see above is a simple depiction of an experience that can be built using our API.
The image you see above is a simple depiction of an experience that can be built using our API.
- As your Delivery executive is preparing to deliver an order, they can initiate payment for that order.
- Your server sends a notification to your customer via email or SMS or push notification.
- The customer sees the checkout page with all the payment options. Proceeds to make payment and completes successfully. You can make it a 1-click experience if you use our Mobile SDK and open the URL there.
- Your Delivery executive can refresh the screen and check the payment status, once payment is confirmed can deliver the order.
Security
Anyone involved with the processing, transmission, or storage of credit card data must comply with the Payment Card Industry Data Security Standards (PCI DSS). Juspay makes this easy for you to do, and you can set up a fully PCI-compliant integration by taking the following steps:
- Serve your payment pages securely using Transport Layer Security (TLS) so that they make use of HTTPS
- Use Juspay's pay-v3.js to render card elements from Juspay iFrame. This ensures that the cardholder data is accepted and transmitted from Juspay's iFrame to Juspay's servers directly.
TLS
Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), both frequently referred to as "SSL", are cryptographic protocols that provide communications security over a network. When secured by TLS, connections between a client (e.g., a web browser) and a server (e.g., wikipedia.org) have one or more of the following properties:
- Privacy - connection through encryption
- Identity authentication - identification through certificates, and
- Reliability - dependable maintenance of a secure connection through message integrity checking.
TLS is designed to prevent eavesdropping and tampering. We currently support TLS v1.2
A digital certificate - a file issued by a certification authority (CA) - is needed in order to use TLS. When installed, this certificate assures the client that it's really communicating with the server it expects to be talking to, not an impostor. Additionally, your customers are more comfortable sharing sensitive information on pages visibly served over HTTPS, which can help increase your customer conversion rate.
PCI DSS guidelines
So long as you ensure that the cardholder data doesn't come in direct contact with your website or servers, your compliance level can remain the easiest - SAQ A. Any deviation can significantly increase the compliance requirements. We have summarized below various scenarios for your quick reference:
Mechanism | Card entry environment | Compliance Requirement |
---|---|---|
Redirection to hosted page | User is redirected from your website. The user enters complete card data is in payment page rendered from Juspay's domain | SAQ - A |
Embedded iFrame | You embed Juspay's iFrame in your checkout page. The user enters complete card data in iFrame served from Juspay's domain | SAQ - A |
Pay-v2.js | Cardholder data is captured on your website but transmitted using Juspay's iFrame | SAQ - A EP |
Pay-v3.js | Juspay renders card input elements as iFrame from Juspay's domain. User data is captured directly in Juspay's iFrame and transmitted using Juspay's iFrame. | SAQ - A |
Direct Card API | You use Juspay's API to send cardholder data | SAQ - D |
For any queries relating to security, you may write to [email protected].
Updated 3 months ago