|
Payment via
Sogenactif Paypage
|
- Payment pages hosted by Sogenactif.
|
- You do not store card details, so you do not have any PCI DSS constraints.
|
- Payment page customisation is more limited than if you host these pages.
|
SAQ-A
|
|
Payment via Sogenactif Paypage iFrame.
|
- Payment pages hosted by Sogenactif.
|
- You do not store card details, so you do not have any PCI DSS constraints.
- You can customise the HTML page containing the payment iFrame as you wish, because you host this page.
|
- Payment iFrame customisation is more limited than if you host this content.
|
SAQ-A
|
|
MOTO payment via Sogenactif Paypage.
|
- The customer communicates their payment details via e-mail or telephone.
- You enter those details on the payment pages hosted on Sogenactif
|
- You use ready-to-use payment pages managed by Sogenactif
|
- You handle card numbers, you must comply with PCI DSS constraints regarding the management of card numbers.
|
SAQ-D
|
|
Payment via Sogenactif Office Serveur.
|
- Payment pages hosted by your website.
- If you need to keep the card number, you must store it in your database.
|
- You can customise the payment pages as desired because they are hosted on your premises.
|
- You must comply with PCI DSS constraints regarding the storage of card numbers.
|
SAQ-D
|
|
Payment via Sogenactif Office Serveur using client-side encryption (CSE).
|
- Payment pages hosted by your website.
- Encryption of sensitive data before it is transmitted to your servers and to the Sogenactif servers.
|
- You can customise the payment pages as desired because they are within the mobile application.
- Your server receives encrypted sensitive data (no transmission of clear information on your server) for a simplified compliance with PCI DSS standards.
|
- You must manage an additional security key related to CSE.
|
SAQ A-EP
|
|
Payment via Sogenactif In-App.
|
- Payment pages are within the mobile application.
- Encryption of sensitive data before it is transmitted to the servers.
|
- You can customise the payment pages as desired because they are within the mobile application.
- Your server does not receive sensitive data. The data is sent from the mobile application straight to the Sogenactif In-App server.
|
- You must manage an additional service to initialise Sogenactif In-App payments.
|
SAQ A-EP
|
|
Payment via Sogenactif Office Serveur Sogenactif Hosted Fields
|
- Payment pages hosted by your website.
- Sensitive data is entered using the iframes hosted by Sogenactif.
|
- You can customise the payment pages as desired because they are within the mobile application.
- You do not store card details, so you have fewer PCI DSS constraints.
|
- You have to manage an additional service to initialise the iframes hosted by Sogenactif.
|
SAQ A-EP
|
|
MOTO payment via Sogenactif Gestion.
|
- The customer communicates their payment details via e-mail or telephone.
- You enter those details on payment pages hosted on Sogenactif Gestion
|
- You use one and only tool managed by Sogenactif to create and manage your transactions.
|
- You manage card numbers, you must comply with PCI DSS constraints regarding the management of card numbers.
|
SAQ-D
|
