Payments
go to Evonet
Start typing to search…

Direct API Overview

Direct API Overview

Direct API integration allows you to complete customization and full control over the entire payment process, allowing seamless integration into your application's workflow without redirects or third-party UI elements. This enables tailored user experiences, such as inline form validation, multi-step checkouts, or bundling payments with other app features for better conversion rates.

Merchants using Direct API flow will take full responsibility for managing the payment flow means. You can handle edge cases, implement advanced features like recurring billing or split payments programmatically, and maintain brand consistency throughout.

Major Considerations

PCI-DSS

Processing card data, even briefly, expands your PCI-DSS compliance scope, necessitating annual audits, vulnerability scans, and strict adherence to security controls. This can be costly and resource-heavy, particularly for smaller teams with limited budgets or expertise.

Merchants must actively monitor and adapt to evolving PCI-DSS and security standards to avoid non-compliance penalties or data breaches, which requires ongoing vigilance and potentially specialized support.

📘

PCI DSS Certificates

To process the card information securely, the merchant must be PCI DSS certified. The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements intended to ensure that all companies that process, store, or transmit credit card information maintain a secure environment. It is managed by an independent body created by Visa, Mastercard, American Express, Discover, and JCB, the PCI Security Standards Council (PCI SSC).

Maintenance of Integrations

Integration is typically more technically demanding and time-consuming, requiring strong developer expertise in APIs, security protocols and handling asynchronous callbacks, which can delay time-to-market compared to drop-in or LinkPay.

Ongoing maintenance will be higher due to API versioning, dependency management, and testing across environments, potentially increasing development costs and the need for dedicated support.

Summary

If you would like to have a full control of payment experience and end 2 end flow, while additional liabilities with security and PCI-DSS are manageable. Direct API will be your best choice, otherwise Drop-in and LinkPay will be a better option.

Updated about 1 month ago