axis diplomat 2024 Modules |
||||||||||||||||||||||||||||||||||||||||||
18. Payment Service Provider (PSP) Interfaces |
||||||||||||||||||||||||||||||||||||||||||
Payment Service Providers (PSPs) offer online services for accepting payments using various payment methods including credit card, debit cards and bank transfer and allow businesses to accept online payments without the need to securely process payments themselves. axis diplomat works with a number of PSPs including Opayo (formerly SagePay) and PayPal. |
||||||||||||||||||||||||||||||||||||||||||
18.1 Payments via your website |
||||||||||||||||||||||||||||||||||||||||||
Opayo allows credit and debit card payments to be processed via your axis vMerchant website. The shopper appears to be entering the details into your own website but in reality they are using a page hosted by the PSP themselves. This means that the card payments never go through your own website, removing most, if not all, of the requirements for your website to conform to the demands of the PCI DSS data security standards. The PSP simply returns their own unique ID which is then used by the website and axis diplomat for subsequent processing - no information about the card used is known so security is maintained. Alongside processing card payments, PayPal is frequently offered as an alternative payment method and users with their own PayPal account may make payments directly from their bank account or linked credit card. |
||||||||||||||||||||||||||||||||||||||||||
18.2 Payments for Mail Order / Telephone Order Sales |
||||||||||||||||||||||||||||||||||||||||||
Opayo may also be used in a telesales environment (known in the banking world as MOTO - Mail Order Telephone Order). axis diplomat allows you to enter the card details directly into the sales order maintenance functions - they are then transmitted to the PSP and again only their unique IDs are stored, not the card details. Please be aware, however, that simply typing customer's card details into a workstation on your network (whether via axis diplomat or the PSPs own website portal) may increase your obligations under the PCI DSS security directives. If in doubt, please consult a Qualified Security Assessor (QSA). For further information on options for minimising your requirements for PCI DSS compliance in a MOTO environment, please refer to the Payment Card Security overview. |
||||||||||||||||||||||||||||||||||||||||||
18.3 Payment with Order or Payment on Shipment |
||||||||||||||||||||||||||||||||||||||||||
PayPal always takes the payment at the point the order is placed; Opayo, however, offer the option of payment with order or of deferring payment until a later date (at the point the goods are shipped). The choice of whether to take payments up front or at the point of despatch is yours - indeed, you can switch the mode of operation whenever you wish. Many prefer to take the payment up front but if there are regularly situations where it is more than a day or two before goods are shipped then best practice is to delay taking payments until the shipment is ready. In the case of deferred payments, axis diplomat is aware of the PSP used to authorise the payment and will automatically contact the PSP (Opayo) to collect the payment as part of the order release process. This automatically handles part-shipment as well so you are always only collecting the payment for the goods that are actually being shipped. |
||||||||||||||||||||||||||||||||||||||||||
18.4 Comparison of PSP Functionality |
||||||||||||||||||||||||||||||||||||||||||
Key Y - functionality available with the standard axis diplomat module N - functionality not available O - functionality available but requires an optional module in addition to the standard PSP module Notes 1 - Taking card payments via your axis diplomat system may have an effect on the level of PCI DSS self-assessment that you are required to complete; if in doubt, please discuss with your QSA
|
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||