Versions Compared

Old Version 47

changes.mady.by.user Jonathan Tew

Saved on

compared with

New Version 48

changes.mady.by.user Jonathan Tew

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Remove old deadline information that has passed.

Table of Contents

...

As the PCI (Payment Card Industry) standard continues to evolve there are new requirements that must be implemented to maintain the security of card holder data.  With PCI 3.0, which comes into full effect in 2015, there is a new requirement that ALL sensitive payment data form fields MUST come from the PCI-DSS certified provider.   If your website is serving up the input fields associated with the PAN (primary account number 15-16 digits) or the card verification number (CVV/CVV2) then you will be exposing yourself to SAQ-EP (all 12 requirements of PCI) instead of SAQ-A (2 requirements of PCI).

What has to Change?  

If you're using a custom JavaScript checkout or an external payment form, you will need to make upgrades by July 15, in order to meet the new requirement for using UltraCart Hosted Credit Card Fields.  After this deadline legacy methods of sending credit card data to UltraCart will no longer function.  Below are documented examples on how to update your external integration.  If you have additional questions, please contact UltraCart Support.

What are the Deadlines?

July 15th is the deadline for making the upgrades.  UltraCart will send automated notices to accounts that interact with legacy interfaces that need to be updated.

  • Legacy Checkout - Implemented For You Already!
  • Simple Form Post Checkouts - Requires upgrading your code by the deadline of July 15th.
  • StoreFronts - Implemented in Mr Teas theme version 0.22 or higher.  All users will be required to update to this version by the deadline of July 15th.
  • JavaScript/REST Checkout - Requires upgrading your code by the deadline of July 15th.

As you can see from the list above, if you're using the checkouts provided by UltraCart then your store already implemented the latest PCI requirements.  If you fall into the Simple Form Post Checkout or JavaScript/REST Checkout then you need to continue reading further.  There is a deadline to implementing the UltraCart Hosted Credit Card Fields that must be met or your checkout will stop functioning.

Setup an Integration

Tip

Once you read the instructions below, this checklist may help you upgrade sites using UCEditor POSTs. Sorry - we don't have one for javascript checkouts yet. Those tend to vary widely.

...

There is only one method call needed to add the UltraCart Hosted Credit Card Fields to your page.   This static method processes the configuration and returns an instance object.

Parameters

ArgumentTypeDescription
jQueryjQueryAn instance of jQuery. If you're using our sample above then the value would be "jQueryHostedFields", but if you already have jQuery available on the page then you can use "jQuery"
JSONJSON

An instance of the JSON object. If you are using our sample above then the value would be "jsonHostedFields".

Note

Most browsers provide their own JSON object which can be used by the API, but including an external version as the sample above provides consistency across all browsers and versions.


configobject


PropertyTypeRequiredDescription
sessionCredentialsObjectYesSee SessionCredentials below.
cssUrlsString[]
An optional array of CSS URLs that you would like injected into the iframe to further style the hosted input.
formString
An optional jQuery selector to locate the form. The underlying fields will be re-enabled before submission so that the masked values will be submitted.
hostedFieldsObjectYesSee HostedFields below.
overlayZIndexInteger
Change the default z-index for the overlay. If not specified then the overlay will use a z-index of 999999.
autoCopyStylesString[]

By default, the hosted fields will copy a set of common styles from the underlying field to the input. This helps to keep fonts, colors, borders, etc. looking the same within the hosted field as the underlying field. If nothing is specified, then the default set of styles copied is:

[

// Padding
"paddingBottom", "paddingLeft", "paddingRight","paddingTop",
// Text
"lineHeight", "fontSize", "fontFamily", "fontStyle", "fontWeight",
// Color
"backgroundColor", "color",
// Border
"borderBottomColor", "borderBottomLeftRadius", "borderBottomRightRadius","borderBottomStyle",
"borderBottomWidth", "borderCollapse", "borderLeftColor", "borderLeftStyle","borderLeftWidth",
"borderRightColor", "borderRightStyle", "borderRightWidth", "borderSpacing", "borderTopColor",
"borderTopLeftRadius", "borderTopRightRadius", "borderTopStyle", "borderTopWidth"

 ]


...

Due to the asynchronous nature of the hosted field loading, we recommend that you bind your event listener before the call to UltraCartHostedFields.setup.


The following sections demonstrate various types of usages for the UltraCart Hosted Credit Card Fields.

Implementing UltraCart Hosted Credit Card Fields in Simple Form Post Checkouts

...