For Credit Card Payments we offer a solution where user submits the card data directly to the dialog from MakeCommerce (Maksekeskus)
The dialog is implemented as semi-transparent iFrame window on top of the shop’s checkout page.
The user perceives he/she has not left the checkout-page though in fact the dialog is from maksekeskus.ee domain
This approach is recognized by card networks as IFRAME solution that set the lowest PCI DSS compliance requirements on Merchant.
(VISA guide to security and PCI DSS requirements). We do not accept any other form of credit card payments.
VISA Europe validation requirements on Merchant:
- Use a service provider that has certified their PCI DSS compliance (certified providers are listed on Visa Europe’s website: www.visaeurope.com)
- Have certified their own PCI DSS compliance to the acquirer (who must, on request, be able to validate that compliance to Visa Europe) (SAQ)
This approach ensures that credit card data do not pass through the Merchant systems and PCI DSS V3 SAQ-A attestation for the Merchant is not strictly required.
(read more on payments security: Best Practices for Securing E-commerce, by PCI Security Standards Council )
Integrating with the Credit Card Dialog
Overview of the card payment flow
- Through the payment method selection dialog the buyer has selected to pay with credit card
- The shop registers a new transaction over the MK API (create transaction)
- The buyer fills in credit card data and submits the data directly to MK server
- MK backend will process the payment through respective card networks, if required the buyer is redirected through the 3DS authentication dialog
- MK will complete the payment in the card network and will pass back the result to shop via browser (‘token_return’ message)
- MK server sends asynchronously an additional message about the payment directly to the shop server (notification_url, ‘payment_return’ message)
For further integration details see our api-explorer.
3-D Secure payments
3DSecure is an additional security measure that involves user authorisation at card issuer bank during the online card payment process.
See more on Wikipedia 3-D_Secure page.
One Click Payments (OCP)
With One Click Payments activated for your shop, a credit card can be ‘remembered’ in MK systems so that the buyer does not have to fill the card data form again at next purchase. The user virtually needs just one click to pay. Read more about it on OCP page.
We offer a solution for merchants to take recurring payments from credit cards. Read more about it on recurring payments page.
Foreign Currency payments
Merchants who run shops oriented to UK or USA markets and would like to service buyers in their domestic currency can take credit card payments in USD and GBP. Settlement between MK and merchant still is done in euros but the buyer credit card is debited in his/her familiar domestic currency. Read more on non Euro payments page.
Demo and testing
Example of card dialog: