Table of Contents |
---|
...
As the PCI (Payment Card Industry) standard continues to evolve there are new requirements that must be implemented to maintain the security of card holder data. With PCI 3.0, which comes into full effect in 2015, there is a new requirement that ALL sensitive payment data form fields MUST come from the PCI-DSS certified provider. If your website is serving up the input fields associated with the PAN (primary account number 15-16 digits) or the card verification number (CVV/CVV2) then you will be exposing yourself to SAQ-EP (all 12 requirements of PCI) instead of SAQ-A (2 requirements of PCI).
What has to Change?
If you're using a custom JavaScript checkout or an external payment form, you will need to make upgrades by July 15, in order to meet the new requirement for using UltraCart Hosted Credit Card Fields. After this deadline legacy methods of sending credit card data to UltraCart will no longer function. Below are documented examples on how to update your external integration. If you have additional questions, please contact UltraCart Support.
What are the Deadlines?
July 15th is the deadline for making the upgrades. UltraCart will send automated notices to accounts that interact with legacy interfaces that need to be updated.
- Legacy Checkout - Implemented For You Already!
- Simple Form Post Checkouts - Requires upgrading your code by the deadline of July 15th.
- StoreFronts - Implemented in Mr Teas theme version 0.22 or higher. All users will be required to update to this version by the deadline of July 15th.
- JavaScript/REST Checkout - Requires upgrading your code by the deadline of July 15th.
As you can see from the list above, if you're using the checkouts provided by UltraCart then your store already implemented the latest PCI requirements. If you fall into the Simple Form Post Checkout or JavaScript/REST Checkout then you need to continue reading further. There is a deadline to implementing the UltraCart Hosted Credit Card Fields that must be met or your checkout will stop functioning.
Setup an Integration
Tip |
---|
Once you read the instructions below, this checklist may help you upgrade sites using UCEditor POSTs. Sorry - we don't have one for javascript checkouts yet. Those tend to vary widely. |
...
There is only one method call needed to add the UltraCart Hosted Credit Card Fields to your page. This static method processes the configuration and returns an instance object.
Parameters
Argument | Type | Description | ||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
jQuery | jQuery | An instance of jQuery. If you're using our sample above then the value would be "jQueryHostedFields", but if you already have jQuery available on the page then you can use "jQuery" | ||||||||||||||||||||||||||||
JSON | JSON | An instance of the JSON object. If you are using our sample above then the value would be "jsonHostedFields".
| ||||||||||||||||||||||||||||
config | object |
|
...
Due to the asynchronous nature of the hosted field loading, we recommend that you bind your event listener before the call to UltraCartHostedFields.setup.
The following sections demonstrate various types of usages for the UltraCart Hosted Credit Card Fields.
Implementing UltraCart Hosted Credit Card Fields in Simple Form Post Checkouts
...