The Magic Behind Secure Credit Card Payments for PCI Compliant Merchants


No matter how large or small your online business is, if it relies on credit card transactions, you must have a payment form on your website, whether it is on a shop platform that you use or you have decided to implement it on your own. Moreover, if you accept credit cards as form of payment, you have agreed somewhere in your contract to comply with PCI regulations.

What we at QaiWare often see is that merchants are not always aware of how the payments take place, what a secure payment process looks like and where and to what extent is the PCI compliance involved. That is why we decided to shed some light on these questions.

Let’s take a closer look at the process of a secure credit card payment on the website of a merchant who is only PCI Level 4 Compliant. The diagram below, created by our team at QaiWare, illustrates the process of a secure credit card transaction that a merchant with an integrated PSP solution offers to his customers:

  1. Payment is initiated by the customer by landing on the payment form of a merchant’s checkout page. By clicking on pay the form is not submitted to the merchant backend, but to the PSP via a tiny JavaScript library;
  2. The PSP creates a payment token and returns it to the merchant’s front-end (e.g. payment form);
  3. The merchant’s payment form sends the payment token to the merchant’s web shop application;
  4. The merchant’s web shop application handles the token and initiates payment on the PSP’s public API;
  5. The PSP’s public API processes the payment and returns a response to the merchant’s web shop application;
  6. The merchant’s application notifies the payment form and completes the operation.

The service of the PSP fields (illustrated above) is easily accessible for merchants through tiny JavaScript libraries provided by the PSPs. With a few lines of code a merchant can securely accept credit card payments on their own payment form.

Questions? If you have any, simply click here and let us know how we can help!