Merchants wishing to store sensitive card data must attain and maintain PCI Level 1 compliance. The requirements for this level of PCI compliance are onerous and costly. If you do not need to store sensitive card data then APEXX provides the following options for the compliant capture of cardholder data:
1. Use APEXX's hosted payment page (full page redirect) to capture card details on a page hosted and managed by APEXX
This is the easiest and quickest option to implement, but offers very limited styling options and the least consistent end user experience.
2. Load the hosted payment form into an iframe on your own payment page
This option results in a consistent user experience and presents APEXX's card data entry form on a page you have full control over.
3. Use Client Side Encryption to capture card details securely on your own payment page
This option allows you to manage your own payment page in full, including the type and layout of payment data fields. Sensitive card data is tagged and encrypted before it is transmitted to the APEXX gateway.