The Three Step Redirect API™ is an integration method that ensures secure data transmission by keeping merchants from seeing, touching, handling, transmitting, and even storing any sensitive payment information.
By taking merchants outside the scope of handling sensitive payment information, the Three Step Redirect API™ minimizes the cost and complexity of industry regulations and standards; especially the Payment Card Industry Data Security Standard (PCI-DSS).
The customer never knows they left the merchants website. The seamless look and feel is always kept throughout the process.
How Does it Work?
Here is an example of a typical transaction involving the Three Step Redirect API:
Catherine, the customer, enters Wally's Website to purchase his famous wallpaper. Catherine picks out her favorite design and goes to Wally's checkout to make the purchase.
Wally itemizes the products in Catherine's shopping cart and creates an invoice, which he sends to the Payment Gateway. The Payment Gateway receives Wally's invoice and responds to Wally, providing him a URL where Catherine goes to enter her sensitive payment information.
Catherine leaves Wally's website seamlessly, and submits her payment information to the Payment Gateway bypassing Wally completely. The Payment Gateway combines information from Wally's invoice with Catherine's sensitive payment information and returns Catherine back to Wally's Website.
Wally sees Catherine has returned and receives a token from the Payment Gateway confirming terms of the transaction. Wally can then suggest other items for Catherine to purchase or instruct the gateway to process the transaction.
All of the above takes place in just a few seconds!
For more information please refer to the online gateway integration portal at www.paylinedata.com/integration