cancel
Showing results for 
Search instead for 
Did you mean: 

Magento 2 Braintree PCI Compliance

Magento 2 Braintree PCI Compliance

I am doing a PCI compliance self assessment.

 

Does the out of the box Magento 2 Braintree payments integration use Direct Post method (SAQ A-EP) or iFrame Hosted Fields (SAQ-A)?

2 REPLIES

Re: Magento 2 Braintree PCI Compliance

 

I believe the Magento 2 integration uses the Braintree v.zero SDK, which uses tokens instead of storing the CC info in the database. This simplifies PCI compliance significantly.

Sindre M, CEO & Founder
ProperHost.com - The Magento Hosting Experts

Re: Magento 2 Braintree PCI Compliance

Thanks for your reply, but I am still not clear.

 

Do you mean that Magento2's v.zero SDK implementation uses the Direct Post method or that it uses iFrame hosted fields?

 

More about hosted fields:

https://www.braintreepayments.com/products-and-features/custom-ui/hosted-fields