Pay using iFrame

Use this mode of integration, if you wish to embed the payment form as part of your checkout page.

Create Order

To collect payment from a customer, you first need to create an order with Juspay. Order encapsulates all the information that is required for payment.

Embedding the iFrame

The iframe URL is available as part of the POST /order/create API.

Example

{
  "order_id": "1478851764",
  "id": "ord_e294a26e66ad4336a992ceab81ad704c",
  "status": "CREATED",
  "status_id": 1,
  "payment_links": {
    "web": "https://api.juspay.in/merchant/pay/ord_e294a26e66ad4336a992ceab81ad704c",
    "mobile": "https://api.juspay.in/merchant/pay/ord_e294a26e66ad4336a992ceab81ad704c?mobile=true",
    "iframe": "https://api.juspay.in/merchant/ipay/ord_e294a26e66ad4336a992ceab81ad704c"
  }
}

payment_links attribute will be present in both /order/create API and /order/status API. We have provided three variants to make it easy for your customers. As the name implies, these are best suited for the respective channels.

Variant	Description
web	Renders a desktop-optimized version of the checkout page
mobile	Renders a mobile-optimized version of the checkout page
iframe	Provides an iFrame that you can embed as part of your checkout page

<iframe src="https://api.juspay.in/merchant/ipay/ord_e294a26e66ad4336a992ceab81ad704c"
width="630" height="400"
style="border: 1px solid #CCC;padding: 20px;height: auto;min-height: 300px;">
</iframe>

Mobile optimized form

The mobile variant url is available in payment_links attribute will be present in both /order/create API and /order/status API. Please see the code below:

<iframe src="https://api.juspay.in/merchant/pay/ord_e294a26e66ad4336a992ceab81ad704c?mobile=true"
width="630" height="400"
style="border: 1px solid #CCC;padding: 20px;height: auto;min-height: 300px;">
</iframe>

This will render a mobile responsive form with all the functionalities included.

Note: The mobile-optimized checkout experience will use the redirect mode to do the authentication.

Using EMI

To support EMI the iFrame payment URL has been enhanced to take additional parameters:

is_emi: Indicates if EMI is applicable for this transaction. Valid values are true and false.
emi_bank: Issuing bank of the card
emi_tenure: Tenure of EMI in months

Note: It is an error to pass is_emi and not pass emi_bank and emi_tenure.

Sample code for creating an iFrame with EMI support:

<iframe src="https://api.juspay.in/merchant/ipay/ord_e294a26e66ad4336a992ceab81ad704c?is_emi=true&emi_tenure=6&emi_bank=HDFC"
width="630" height="400"
style="border: 1px solid #CCC;padding: 20px;height: auto;min-height: 300px;">
</iframe>

Currently supported combinations of emi_bank and emi_tenure are:

EMI Bank	EMI Tenure	Supported Gateways
HDFC	3,6,9,12,18,24	PAYU, HDFC, RAZORPAY
CITI	3,6,9,12,18,24	PAYU
ICICI	3,6,9,12,18,24	PAYU, ICICI, CCAVENUE, RAZORPAY
SBI	3,6,9,12	PAYU, CCAVENUE, RAZORPAY
AXIS	3,6,9,12	PAYU, ICICI, CCAVENUE, RAZORPAY
SCB	3,6,9,12,18,24	ICICI, PAYU, RAZORPAY
KOTAK	3,6,9,12	ICICI, CCAVENUE, PAYU, RAZORPAY
HSBC	3,6,9,12	ICICI, CCAVENUE, PAYU
AMEX	3,6,9,12	PAYU, CCAVENUE, RAZORPAY
INDUSIND	3,6,9,12,18,24	PAYU, CCAVENUE, RAZORPAY
RBL	3,6,9,12,18,24	RAZORPAY, PAYU
YES	3,6,9,12,18,24	PAYU, RAZORPAY
ICICIDC	3,6,9,12	PAYU
AXISDC	3,6,9,12	PAYU
HDFCDC	3,6,9,12,18	PAYU, BILLDESK

Payment Method Customization

By default, cards are enabled. To enable only required payment methods to pass an extra parameter to the payment URL

To enable only Netbanking, pass the following parameter: payment_options=nb. To enable only Wallets, pass the following parameter: payment_options=wallet. To enable Netbanking and Wallets together, pass the following parameter: payment_options=nb|wallet.

Sample code for creating an iFrame with EMI support:

<iframe src="https://api.juspay.in/merchant/ipay/ord_e294a26e66ad4336a992ceab81ad704c?payment_options=nb"
width="630" height="400"
style="border: 1px solid #CCC;padding: 20px;height: auto;min-height: 300px;">
</iframe>

PCI Compliance

iFrame based integration offers the easiest path to PCI Compliance. Since iFrame is as good as a separate browser window, your website is completely shielded away from getting any sensitive card information. You can become PCI Compliant by simply filling up the PCI DSS SAQ-A questionnaire.

Javascript Integration

Pay-V2.js

Deprecated (please use pay-v3.js)

This mode of integration is an alternative to iFrame based integration. While the iFrame based integration lets you easily get to the market, javascript based integration gives you the ultimate flexibility to define the checkout experience for your customer.

Create order

Order creation has already been explained previously. Follow the same steps mentioned here.

pay-v2.js (deprecated)

pay-v2.js has been deprecated. Migrate to pay-v3.js for better security and reduced compliances. For pay-v3.js integration document, please check this link. If you are looking for pay-v2.js integration document, please continue.

<script type="text/javascript"
        src="https://api.juspay.in/pay-v2.js"></script>

Implementing Checkout

Before we get to the details, let's take a quick look at a typical payment form. This is the part you can build with your web framework, or by hand in HTML - whichever way you are used to building forms on the web.

For Cards

<form class="juspay_inline_form" id="payment_form">
    <input type="hidden" class="merchant_id" value="guest">
    <input type="hidden" class="order_id" value="guest_order"/>
    <input type="text" class="card_number" placeholder="Card number">
    <input type="text" class="name_on_card" placeholder="Cardholder name">
    <input type="text" class="card_exp_month" placeholder="MM"> - <input type="text" class="card_exp_year" placeholder="YYYY">
    <input type="text" class="security_code" placeholder="CVV" >
    <input type="checkbox"  class="juspay_locker_save"> Save card information
    <button type="submit" class="make_payment">Pay</button>
    <input type="hidden" class="redirect" value="true">
</form>

For Saved Card

<form class="juspay_inline_form" id="payment_form">
    <input type="hidden" class="merchant_id" value="guest">
    <input type="hidden" class="order_id" value="guest_order"/>
    <input type="hidden" class="card_token" >
    <input type="text" class="security_code" placeholder="CVV" >
    <button type="submit" class="make_payment">Pay</button>
    <input type="hidden" class="redirect" value="true">
</form>

For Netbanking

<form class="juspay_inline_form" id="payment_form">
    <input type="hidden" class="merchant_id" value="guest">
    <input type="hidden" class="order_id" value="guest_order_101"/>
    <input type="hidden" class="payment_method_type" value="NB"/>
    <select class="payment_method">
        <option value="NB_ALLB" label="Allahabad Bank">Allahabad Bank</option>
        <option value="NB_ANDHRA" label="Andhra Bank">Andhra Bank</option>
        <option value="NB_AXIS" label="Axis Bank">Axis Bank</option>
        <option value="NB_BBKM" label="Bank of Bahrain and Kuwait">Bank of Bahrain and Kuwait</option>
        <option value="NB_BHARAT" label="Bharat Bank">Bharat Bank</option>
        <option value="NB_BOB" label="Bank of Baroda">Bank of Baroda</option>
        <option value="NB_BOBCORP" label="Bank of Baroda Corporate">Bank of Baroda Corporate</option>
        <option value="NB_BOI" label="Bank of India">Bank of India</option>
        <option value="NB_BOM" label="Bank of Maharashtra">Bank of Maharashtra</option>
        <option value="NB_CANR" label="Canara Bank">Canara Bank</option>
        <option value="NB_CBI" label="Central Bank Of India">Central Bank Of India</option>
        <option value="NB_CITI" label="Citi Bank NetBanking">Citi Bank NetBanking</option>
        <option value="NB_CORP" label="Corporation Bank">Corporation Bank</option>
        <option value="NB_COSMOS" label="COSMOS Bank">COSMOS Bank</option>
        <option value="NB_CSB" label="Catholic Syrian Bank">Catholic Syrian Bank</option>
        <option value="NB_CUB" label="CityUnion">CityUnion</option> 
        <option value="NB_DBS" label="DBS Bank">DBS Bank</option>
        <option value="NB_DCB" label="Development Credit Bank">Development Credit Bank</option>
        <option value="NB_DCBB" label="Development Credit Bank Business">Development Credit Bank Business</option>
        <option value="NB_DENA" label="DENA Bank">DENA Bank</option>
        <option value="NB_DEUT" label="Deutsche Bank">Deutsche Bank</option>
        <option value="NB_DLS" label="Dhanalaxmi Bank">Dhanalaxmi Bank</option>
        <option value="NB_FED" label="Federal Bank">Federal Bank</option>
        <option value="NB_HDFC" label="HDFC Bank">HDFC Bank</option>
        <option value="NB_ICICI" label="ICICI Netbanking">ICICI Netbanking</option>
        <option value="NB_IDBI" label="Industrial Development Bank of India">Industrial Development Bank of India</option>
        <option value="NB_IDFC" label="IDFC Bank">IDFC Bank</option>
        <option value="NB_INDB" label="Indian Bank">Indian Bank</option> 
        <option value="NB_INDUS" label="IndusInd Bank">IndusInd Bank</option>
        <option value="NB_ING" label="ING Vysya Bank">ING Vysya Bank</option>
        <option value="NB_IOB" label="Indian Overseas Bank">Indian Overseas Bank</option>
        <option value="NB_JNK" label="Jammu and Kashmir Bank">Jammu and Kashmir Bank</option>
        <option value="NB_JSB" label="Janata Sahakari Bank">Janata Sahakari Bank</option>
        <option value="NB_KARN" label="Karnataka Bank">Karnataka Bank</option>
        <option value="NB_KOTAK" label="Kotak Bank">Kotak Bank</option>
        <option value="NB_KVB" label="Karur Vysya">Karur Vysya</option>
        <option value="NB_KVBCORP" label="Karur Vysya Corporate Banking">Karur Vysya Corporate Banking</option>
        <option value="NB_LVB" label="Lakshmi Vilas Bank Retail">Lakshmi Vilas Bank Retail</option>
        <option value="NB_LVBCORP" label="Lakshmi Vilas Bank Corporate">Lakshmi Vilas Bank Corporate</option>
        <option value="NB_NAIB" label="The Nainital Bank">The Nainital Bank</option>
        <option value="NB_NKGSB" label="North Kanara GSB">North Kanara GSB</option>   
        <option value="NB_OBC" label="Oriental Bank Of Commerce">Oriental Bank Of Commerce</option>
        <option value="NB_PMCB" label="Punjab and Maharashtra Coop Bank">Punjab and Maharashtra Coop Bank</option>
        <option value="NB_PNB" label="Punjab National Bank">Punjab National Bank</option>
        <option value="NB_PNBCORP" label="Punjab National Bank CORPORATE">Punjab National Bank CORPORATE</option>
        <option value="NB_PNJSB" label="Punjab and Sind Bank">Punjab and Sind Bank</option>
        <option value="NB_RATN" label="Ratnakar Bank">Ratnakar Bank</option>
        <option value="NB_RBS" label="Royal Bank of Scotland">Royal Bank of Scotland</option>
        <option value="NB_SARASB" label="Saraswat Bank">Saraswat Bank</option>
        <option value="NB_SBBJ" label="State Bank of Bikaner and Jaipur">State Bank of Bikaner and Jaipur</option>
        <option value="NB_SBH" label="State Bank of Hyderabad">State Bank of Hyderabad</option>
        <option value="NB_SBI" label="State Bank of India">State Bank of India</option>
        <option value="NB_SBM" label="State Bank of Mysore">State Bank of Mysore</option>
        <option value="NB_SBP" label="State Bank of Patiala">State Bank of Patiala</option>
        <option value="NB_SBT" label="State Bank of Travancore">State Bank of Travancore</option>
        <option value="NB_SCB" label="Standard Chartered Bank">Standard Chartered Bank</option>
        <option value="NB_SOIB" label="South Indian Bank">South Indian Bank</option>
        <option value="NB_SVC" label="SVC Co operative Bank">SVC Cooperative Bank</option>
        <option value="NB_SVCB" label="Shamrao Vithal Cooperative Bank">Shamrao Vithal Cooperative Bank</option>
        <option value="NB_SYNB" label="Syndicate Bank">Syndicate Bank</option>
        <option value="NB_TMB" label="Tamilnadu Mercantile Bank">Tamilnadu Mercantile Bank</option>
        <option value="NB_TNSC" label="Tamilnadu State Apex Coop Bank">Tamilnadu State Apex Coop Bank</option>
        <option value="NB_UBI" label="Union Bank of India">Union Bank of India</option>
        <option value="NB_UBICORP" label="Union Bank Corporate Banking">Union Bank Corporate Banking</option>
        <option value="NB_UCOB" label="UCO Bank">UCO Bank</option>
        <option value="NB_UNIB" label="United Bank of India">United Bank of India</option>
        <option value="NB_VJYB" label="Vijaya Bank">Vijaya Bank</option>
        <option value="NB_YESB" label="YES Bank">YES Bank</option>
    </select>
    <button type="submit" class="make_payment">Pay</button>
    <input type="hidden" class="redirect" value="true">
</form>

For Wallets

<form class="juspay_inline_form" id="payment_form">
    <input type="hidden" class="merchant_id" value="guest">
    <input type="hidden" class="order_id" value="guest_order_101"/>
    <input type="hidden" class="payment_method_type" value="WALLET"/>
    <select class="payment_method">
        <option value="FREECHARGE" label="Freecharge Wallet">Freecharge Wallet</option>
        <option value="JANACASH" label="Jana Cash">Jana Cash</option>
        <option value="JIOMONEY" label="JioMoney">JioMoney</option>
        <option value="MOBIKWIK" label="Mobikwik Wallet">Mobikwik Wallet</option>
        <option value="OLAMONEY" label="Olamoney Wallet">Olamoney Wallet</option>
        <option value="PAYZAPP" label="PAYZAPP">PAYZAPP</option>
        <option value="PAYTM" label="PayTM Wallet">PayTM Wallet</option>
        <option value="PAYUMONEY" label="PayU Money Wallet">PayU Money Wallet</option>
        <option value="SBIBUDDY" label="SBI Buddy">SBI Buddy</option>
    </select>
    <button type="submit" class="make_payment">Pay</button>
    <input type="hidden" class="redirect" value="true">
</form>

For UPI Collect

<form class="juspay_inline_form" id="payment_form">
    <input type="hidden" class="merchant_id" value="guest">
    <input type="hidden" class="order_id" value="guest_order_101"/>
    <input type="text" class="upi_vpa" value""/>
    <input type="hidden" class="payment_method_type" value="UPI"/>
    <input type="hidden" class="payment_method" value="UPI"/>
    <input type="hidden" class="txn_type" value="UPI_COLLECT"/>
    <button type="submit" class="make_payment">Pay</button>
    <input type="hidden" class="redirect" value="true">
</form>

Besides the usual fields, there are some Juspay specific fields that will enable us to process the payment when the form is submitted.

order_id field represents the order_id of the order object that you have just created.
merchant_id helps us identify you. Changing this would mean that we credit the payment to someone else's account. So, please be careful with this field!
payment_method_type identifies the category of the payment instrument being used. It can be one of CARD, NB, WALLET.
payment_method identifies the actual payment instrument being used. List of payment methods for NetBanking is shown in the form above.
juspay_locker_save tells us whether we need to store this card after the payment is successful.
If redirect is true, then we will choose the redirection flow for authentication. Otherwise, a popup window will be used for authentication. By default, popup window will be chosen for authentication.

pay-v2.js listens to the form submit event and transports the card information safely to process it for payment. This is accomplished by the following snippet.

<script type="text/javascript">
Juspay.Setup({
    payment_form: "#payment_form",
    success_handler: function(status) {},
    error_handler: function(error_code, error_message, bank_error_code,
        bank_error_message, gateway_id) {},
    card_encoding_key: ":card_encoding_key",
    card_encoding_version: "YYYY-MM-DD"
})
</script>

Redirect or Popup?

Authentication can be performed either via a popup or using the traditional redirection based flow. In the former, a separate window opens up to conduct the authentication. This popup is closed as soon as the payment is complete. You can control this choice by passing the appropriate value in <span style="color:#f48fb1"redirect element.

In the code snippet above showing Juspay.Setup, there are two handlers success_handler and error_handler. If the payment is successful, then success_handler is invoked. If the payment failed, then <span style="color:#f48fb1"error_handler will be invoked.

Redirect Flow

For mobile, redirection flow is chosen by default. You cannot change this. So, you must always ensure that you have coded the case to handle the redirection flow as well.

Card Form Validation

Validation must be implemented by you. Please ensure the following:

Card Number must be validated using Luhn Algorithm
Expiry date must be in future
CVV (security_code) must be 3 digits for Visa/Mastercard/Rupay and 4 digits for American Express
Cardholder name must be alphabets & space only
Expiry & CVV must be made optional for Maestro cards for better coverage

Stored cards

To checkout using the stored card, the form must contain the card_token element and the security_code element. Please see the sample code below.

<form class="juspay_express_form" id="payment_form">
    <input type="hidden" class="card_token" value="54eb18a0-c7ca-46a3-b122-448d93a3698a"/>
    <input type="hidden" class="merchant_id" value="guest">
    <input type="hidden" class="order_id" value="guest_order"/>
    <label>
        <p>5264-XXXXXXXX-3394</p>
        <p>Expires: 10/24</p>
    </label>
    <input type="text" class="security_code" placeholder="CVV" >
    <button type="submit" class="make_payment">Pay</button>
</form>

Binding to Juspay.Setup is same as above. To handle multiple stored cards, you can create separate forms with different identifiers and bind them individually. It is also possible to handle using a single form.

Using EMI

To support EMI the iFrame payment URL has been enhanced to take additional parameters:

is_emi: Indicates if EMI is applicable for this transaction. Valid values are true and false.
emi_bank: Issuing bank of the card
emi_tenure: Tenure of EMI in months

Note: It is an error to pass is_emi and not pass emi_bank and emi_tenure.

Sample form with EMI support:

<form class="juspay_inline_form" id="payment_form">
    <input type="hidden" class="merchant_id" value="guest">
    <input type="hidden" class="order_id" value="guest_order"/>
    <input type="hidden" class="is_emi" value="true" />
    <input type="hidden" class="emi_bank" value="HDFC" />
    <input type="hidden" class="emi_tenure" value="6" />
    <input type="text" class="card_number" placeholder="Card number">
    <input type="text" class="name_on_card" placeholder="Cardholder name">
    <input type="text" class="card_exp_month" placeholder="MM"> - <input type="text" class="card_exp_year" placeholder="YYYY">
    <input type="text" class="security_code" placeholder="CVV" >
    <input type="checkbox"  class="juspay_locker_save"> Save card information
    <button type="submit" class="make_payment">Pay</button>
    <input type="hidden" class="redirect" value="false">
</form>

Currently supported combinations of emi_bank and emi_tenure are:

EMI Bank	EMI Tenure	Supported Gateways
HDFC	3,6,9,12,18,24	PAYU, HDFC, RAZORPAY
CITI	3,6,9,12,18,24	PAYU
ICICI	3,6,9,12,18,24	PAYU, ICICI, CCAVENUE, RAZORPAY
SBI	3,6,9,12	PAYU, CCAVENUE
AXIS	3,6,9,12	PAYU, ICICI, CCAVENUE, RAZORPAY
SCB	3,6,9,12,18,24	ICICI, PAYU
KOTAK	3,6,9,12	ICICI, CCAVENUE, PAYU, RAZORPAY
HSBC	3,6,9,12	ICICI, CCAVENUE, PAYU
AMEX	3,6,9,12	PAYU, CCAVENUE, RAZORPAY
INDUSIND	3,6,9,12,18,24	PAYU, CCAVENUE, RAZORPAY
RBL	3,6,9,12,18,24	RAZORPAY, PAYU
BOB	3,6,9,12	RAZORPAY
YES	3,6,9,12,18,24	PAYU
ICICIDC	3,6,9,12	PAYU
AXISDC	3,6,9,12	PAYU
HDFCDC	3,6,9,12,18	PAYU, BILLDESK

PCI Compliance

All Juspay clients must be PCI DSS Compliant at all times. When using pay-v2.js, the card information is captured by HTML form which is controlled by your website. This puts your website & domain within the PCI scope. You can achieve compliance by completing the Self Assessment Questionnaire A-EP (SAQ A-EP).

We strongly advise you to upgrade to pay-v3.js.

JS Version	SAQ Requirement
pay.js (legacy)	SAQ A-EP
pay-v2.js	SAQ A-EP

iFrame vs Javascript

iFrame vs Javascript

When is iFrame better than Javascript?

Complete the integration in 2 days flat
Checkout form is always improving and heavily optimized
Mobile web experience in Android/iOS suffices

When is Javascript better than iFrame?

You wish to completely customize the checkout form (development time is higher)
Give native experience to your customers in Android/iOS

	iFrame	Javascript
Development Time	2 days	2 weeks
Form factors supported	Desktop & Mobile	Requires coding
Ability to customize the checkout form	Medium (styles only)	Very high (you own the form)
Form validation	Built-in	Requires coding
Intelligent Maestro handling 19 digit & 16 digits	Built-in	Requires coding
Switch between stored cards & new card	Built-in	Requires coding
Android & iOS experience	Mobile Web	Native
Promotions: Card based Cash back	Rule based support	Yes (build your own)
Promotions: Card based Discounts	No support	Yes (build your own)
PCI Compliance	SAQ-A	SAQ-A EP (for pay.js) SAQ-A (for pay-v2.js)

Switching from iFrame to Javascript

If you get started with iFrame and sometime in the future, would like to transition to Javascript based integration, it is completely feasible to do so.

Payment Links

Payment Links

Now you can send or message payment links to your customers. This will be very convenient for a variety of use cases including Pay on Delivery (an alternative for Cash on Delivery). These links are available as part of the POST /order/create API.

Example

{
  "order_id": "1478851764",
  "id": "ord_e294a26e66ad4336a992ceab81ad704c",
  "status": "CREATED",
  "status_id": 1,
  "payment_links": {
    "web": "https://api.juspay.in/merchant/pay/ord_e294a26e66ad4336a992ceab81ad704c",
    "mobile": "https://api.juspay.in/merchant/pay/ord_e294a26e66ad4336a992ceab81ad704c?mobile=true",
    "iframe": "https://api.juspay.in/merchant/ipay/ord_e294a26e66ad4336a992ceab81ad704c"
  }
}

Variant	Description
web	Renders a desktop optimized version of the checkout page
mobile	Renders a mobile optimized version of the checkout page
iframe	Provides an iFrame that you can embed as part of your checkout page

Payment methods

All the payment methods enabled in your account will be displayed to the user. This is to ensure maximum acceptance which improves your success rate significantly.

Expiry

Links become invalid as soon as the order expires. The default expiry is 15 minutes from the time of creation. This value is customizable via our dashboard. Please follow this link to customize it to your need.

The maximum expiry time is 24 hours. This limit is set due to security restrictions. If you wish to extend the expiry period, then please reach out to us. Your chances of convincing us will improve significantly if you use a good random generator for Order ID attribute.

Pay on Delivery

The link can be directly shared with your customers at the time of product delivery. All the payment options are available to the customer (including stored cards). This makes it very convenient for the customer to pay using their favorite payment option.

The image you see above is a simple depiction of an experience that can be built using our API.

As your Delivery executive is preparing to deliver an order, they can initiate payment for that order.
Your server sends a notification to your customer via email or SMS or push notification.
The customer sees the checkout page with all the payment options. Proceeds to make payment and completes successfully. You can make it a 1-click experience if you use our Mobile SDK and open the URL there.
Your Delivery executive can refresh the screen and check the payment status, once payment is confirmed can deliver the order.

Security

Anyone involved with the processing, transmission, or storage of credit card data must comply with the Payment Card Industry Data Security Standards (PCI DSS). Juspay makes this easy for you to do, and you can set up a fully PCI-compliant integration by taking the following steps:

Serve your payment pages securely using Transport Layer Security (TLS) so that they make use of HTTPS
Use Juspay's pay-v3.js to render card elements from Juspay iFrame. This ensures that the cardholder data is accepted and transmitted from Juspay's iFrame to Juspay's servers directly.

TLS

Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), both frequently referred to as "SSL", are cryptographic protocols that provide communications security over a network. When secured by TLS, connections between a client (e.g., a web browser) and a server (e.g., wikipedia.org) have one or more of the following properties:

Privacy - connection through encryption
Identity authentication - identification through certificates, and
Reliability - dependable maintenance of a secure connection through message integrity checking.

TLS is designed to prevent eavesdropping and tampering. We currently support TLS v1.2

A digital certificate - a file issued by a certification authority (CA) - is needed in order to use TLS. When installed, this certificate assures the client that it's really communicating with the server it expects to be talking to, not an impostor. Additionally, your customers are more comfortable sharing sensitive information on pages visibly served over HTTPS, which can help increase your customer conversion rate.

PCI DSS guidelines

So long as you ensure that the cardholder data doesn't come in direct contact with your website or servers, your compliance level can remain the easiest - SAQ A. Any deviation can significantly increase the compliance requirements. We have summarized below various scenarios for your quick reference:

Mechanism	Card entry environment	Compliance Requirement
Redirection to hosted page	User is redirected from your website. The user enters complete card data is in payment page rendered from Juspay's domain	SAQ - A
Embedded iFrame	You embed Juspay's iFrame in your checkout page. The user enters complete card data in iFrame served from Juspay's domain	SAQ - A
Pay-v2.js	Cardholder data is captured on your website but transmitted using Juspay's iFrame	SAQ - A EP
Pay-v3.js	Juspay renders card input elements as iFrame from Juspay's domain. User data is captured directly in Juspay's iFrame and transmitted using Juspay's iFrame.	SAQ - A
Direct Card API	You use Juspay's API to send cardholder data	SAQ - D

For any queries relating to security, you may write to [email protected]