- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-18-2016
01:47 PM
05-18-2016
01:47 PM
Magento 2 Braintree PCI Compliance
I am doing a PCI compliance self assessment.
Does the out of the box Magento 2 Braintree payments integration use Direct Post method (SAQ A-EP) or iFrame Hosted Fields (SAQ-A)?
Labels:
2 REPLIES 2
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-18-2016
11:03 PM
05-18-2016
11:03 PM
Re: Magento 2 Braintree PCI Compliance
I believe the Magento 2 integration uses the Braintree v.zero SDK, which uses tokens instead of storing the CC info in the database. This simplifies PCI compliance significantly.
Sindre M, CEO & Founder
ProperHost.com - The Magento Hosting Experts
ProperHost.com - The Magento Hosting Experts
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-20-2016
12:17 PM
05-20-2016
12:17 PM
Re: Magento 2 Braintree PCI Compliance
Thanks for your reply, but I am still not clear.
Do you mean that Magento2's v.zero SDK implementation uses the Direct Post method or that it uses iFrame hosted fields?
More about hosted fields:
https://www.braintreepayments.com/products-and-features/custom-ui/hosted-fields