Protect Customer Data with Orbital Hosted Pay Page – Card Services – Chase
Articles,  Blog

Protect Customer Data with Orbital Hosted Pay Page – Card Services – Chase


For e-commerce merchants, large and small, creating a secure, seamless and PCI compliant payment experience can be a complex and expensive
task. With the Orbital Gateway’s Hosted Pay Page, Chase Paymentech makes it easier to
protect your customers’ credit card data and provide them with a payment experience
that inspires confidence – all while managing your PCI compliance. In most e-commerce checkouts, customers are redirected to a secure third party, PCI hosted site. While the customer’s payment data is
protected and there is no PCI compliance exposure, you have few options to customize your pay page or align it with your product or company branding. Because it’s obvious to the customer
that they have left your website, they may be unclear if this is a website to be trusted
with their credit card information and sales may be lost. In another option, known as a direct post request, you have complete control over the look and feel of your pay page. The customer fills
in the fields served up from the web page, and upon making the purchase, the information
is sent to your gateway servers. The problem with this approach is that there may be times during the process when credit card information is not secure. For instance,
a hacker can place a JavaScript key logger (which we are showing here for the purposes of this example) on your website. The key logger records every mouse move and keyboard click on the site, including credit card information. There’s a real danger that a hacker can compromise
your website and gain access to sensitive payment information before it is sent off
to the Orbital Gateway. The Chase Paymentech Hosted Pay Page solution combines the security of our PCI compliant host with the ability for your e-commerce
pay page to be completely customized. Behind the scenes, the hosted pay page application
dynamically grabs your website template. Everything around the credit card form comes from your
company’s web server and you retain total control over customizing content and design. However, the credit card form is within the
Chase Paymentech Orbital Gateway. All of the links outside of the payment form are active
so if the customer wants to go back and change, or add to an order, they can seamlessly do
that. The Hosted Pay Page removes all hacker sensitive applications from the payment data
fields. In this example, you’ll notice that the key logger is disabled as the customer
enters the credit card data. As the payment is made, and the credit card data is submitted
through the Chase Paymentech Orbital Gateway, the customer is returned to the success landing
page on your website. In this example, you’ll notice that the hacker’s key logger is active
again when there is no sensitive information being keyed into or displayed on the website.
With the Chase Paymentech Hosted Pay Page, all your personalization and branding is preserved, providing customers with a seamless and secure shopping experience. When deployed on your e-commerce site, the
hosted pay page will look just like your website because it is an extension of your website.
You will never host sensitive credit card data on your servers but will keep all the
features and functionality of your website as if you did. With the Hosted Pay Page, you
and e-commerce staff can now worry less about managing PCI compliance and the impact of
a data breach and focus more on providing a great customer experience, which includes providing customers with the peace of mind that their transactions are safe and secure.

Leave a Reply

Your email address will not be published. Required fields are marked *