https://community.developer.cybersource.com/t5/Integration-and-Testing/Not-sure-about-payments-safety/m-p/61790#M36193 <P>&nbsp;</P> <P>Yes&nbsp;using&nbsp;<SPAN>&nbsp;customer profiles to enable merchants to tokenize and store sensitive customer payment information on our secure servers, which simplifies PCI DSS compliance as well as the payments process for returning customers and recurring transactions.</SPAN></P> <P>&nbsp;</P> <P>Are you looking for PCI&nbsp;compliant&nbsp; solution ? check out our Accept Customer solution for it .</P> <P>&nbsp;</P> <P><SPAN>Authorize.Net Accept Customer is a fully hosted solution for payment information capture which allows developers to leverage our Customer Profiles API while still maintaining SAQ-A level PCI compliance. Our forms are mobile-optimized and designed to reduce friction in your consumer experience.</SPAN></P> <P>&nbsp;</P> <P><A href="https://developer.authorize.net/api/reference/features/customer_profiles.html#Using_the_Accept_Customer_Hosted_Form&nbsp;" target="_blank">https://developer.authorize.net/api/reference/features/customer_profiles.html#Using_the_Accept_Customer_Hosted_Form&nbsp;</A></P> Tue, 20 Feb 2018 22:23:24 GMT Anurag 2018-02-20T22:23:24Z https://community.developer.cybersource.com/t5/Integration-and-Testing/Not-sure-about-payments-safety/m-p/61755#M36162 <P>Hello,<BR />I want to allow users to add cards to my DB. It will help to prevent double typing card's data.<BR />I know it's not safe to store card's data, so I want to create user's profile and paymentProfile according to this:<BR /><A href="https://github.com/AuthorizeNet/sample-code-php/blob/master/CustomerProfiles/create-customer-profile.php" target="_blank">https://github.com/AuthorizeNet/sample-code-php/blob/master/CustomerProfiles/create-customer-profile.php</A><BR />So I will store at my DB only profile ID and PaymentProfile ID.<BR />When user will buy something, we will allow him to use existing card and not add another one, according to this:<BR /><A href="https://github.com/AuthorizeNet/sample-code-php/blob/master/PaymentTransactions/charge-customer-profile.php" target="_blank">https://github.com/AuthorizeNet/sample-code-php/blob/master/PaymentTransactions/charge-customer-profile.php</A></P><P>On the frontend I will create html POST form with fields of card's data. On the backend I will send it to Authorize and take back PaymentProfile ID and profile ID and save these IDs to my DB, not card's data.</P><P>The question is: Is it will be safe, and is it good descision?</P> Sat, 17 Feb 2018 15:55:57 GMT https://community.developer.cybersource.com/t5/Integration-and-Testing/Not-sure-about-payments-safety/m-p/61755#M36162 serg1992a 2018-02-17T15:55:57Z https://community.developer.cybersource.com/t5/Integration-and-Testing/Not-sure-about-payments-safety/m-p/61790#M36193 <P>&nbsp;</P> <P>Yes&nbsp;using&nbsp;<SPAN>&nbsp;customer profiles to enable merchants to tokenize and store sensitive customer payment information on our secure servers, which simplifies PCI DSS compliance as well as the payments process for returning customers and recurring transactions.</SPAN></P> <P>&nbsp;</P> <P>Are you looking for PCI&nbsp;compliant&nbsp; solution ? check out our Accept Customer solution for it .</P> <P>&nbsp;</P> <P><SPAN>Authorize.Net Accept Customer is a fully hosted solution for payment information capture which allows developers to leverage our Customer Profiles API while still maintaining SAQ-A level PCI compliance. Our forms are mobile-optimized and designed to reduce friction in your consumer experience.</SPAN></P> <P>&nbsp;</P> <P><A href="https://developer.authorize.net/api/reference/features/customer_profiles.html#Using_the_Accept_Customer_Hosted_Form&nbsp;" target="_blank">https://developer.authorize.net/api/reference/features/customer_profiles.html#Using_the_Accept_Customer_Hosted_Form&nbsp;</A></P> Tue, 20 Feb 2018 22:23:24 GMT https://community.developer.cybersource.com/t5/Integration-and-Testing/Not-sure-about-payments-safety/m-p/61790#M36193 Anurag 2018-02-20T22:23:24Z