Online Merchants: 3 Things to Consider When Choosing an iFrame Payment Form

If you’re an online merchant or e-commerce provider by now you know you should use an iFrame based payment form to minimize your PCI compliance burden. And, in general, you’re in luck! Since PCI DSS 3.0 is almost two years old by now, most payment gateways and payment processors have iFrame-based payment forms available for use. However, all is not rosy in the payment form landscape. Just because your gateway offers a payment form that has “iFrame” […]

Click to Read Full Article

iFrame Payment Form v1.0

In January of this year, Spreedly released the beta version of the iFrame payment form. The iFrame payment form allows merchants to collect payment information in accordance with the new guidelines of PCI-DSS v3.0 while still retaining control over the look and feel of their checkout page. Today we’re happy to announce the release of iFrame v1.0  – the result of several months of beta testing and customer feedback. iFrame v1.0 builds on the great feedback […]

Click to Read Full Article

Using an iFrame Payment Form with Spreedly

PCI-DSS v3.0, which went into effect on January 1st of this year, mandates the use of an iFrame-based payment form for merchants wishing to minimize PCI compliance scope (defined as the ability to self-assess using the SAQ A questionnaire instead of the more onerous SAQ A-EP). We previously wrote about maintaining PCI compliance in light of the new PCI-DSS requirements and invited customers into our iFrame payment form private beta program. Since then we’ve worked […]

Click to Read Full Article

PCI DSS 3.0 for Online Merchants

Nothing strikes fear in the heart of online merchants quite like PCI DSS – the set of “technical and operational requirements designed to protect cardholder data” put forth by the credit card networks (Visa, MasterCard, etc…). If you accept credit cards online, even if you’re not storing or processing those cards yourself, you need to be aware of its requirements and prepared to invest some time into compliance. The upgrade from v2.0 to PCI DSS 3.0 […]

Click to Read Full Article

SAQ-A-EP: A big shakeup for online merchants

EDIT: This post was originally made in March 2014. In April 2014 an “Understanding guidelines” doc was issued that indicated that iFrame pages would be treated more favorably than direct post/redirect approaches. Read our most recent post here:    The new PCI DSS 3.0 Self Assessment Questionnaires (SAQ) were released recently but will not go into effect until January 2015. However, as the new requirements stand, the impact for merchants transacting online seems to be potentially very significant. […]

Click to Read Full Article

Spreedly vs SpreedlyCore

We get this question a lot. Just what is the difference between Spreedly and SpreedlyCore? There are a couple of different ways to answer. Spreedly is designed as a lightweight, simple, subscription service. It appeals to developers and business development folks who want to have a dedicated subscription service coupled to a payment gateway of their choice. When you visit a webpage with “Choose from one our of 3 to 5 plans!” then there’s a […]

Click to Read Full Article

Spreedly Core PCI-DSS: Guest Blog Post

This post was written by Gary Solomon, a founder at Wide Open Technologies, an ecommerce/web design company At Wide Open Technologies, we became early and enthusiastic adopters of Spreedly Core as the perfect solution for solving the PCI-DSS compliance needs of our eCommerce clients. The product has been such a hit internally (and with our clients) that not only have we made it the foundation of our own custom eCommerce platform, but we’ve also looked […]

Click to Read Full Article