What can HPCI do for you?

You are here: / What can HPCI do for you?

What Can HostedPCI do for you?

HostedPCI, launched in 2009, has been a Level 1 PCI DSS company for 11years. It was started to provide our customers with control of their checkout processes and reduce their cost for PCI DSS compliance. HostedPCI has helped merchants to reduce their scope of PCI compliance and helped them to qualify for SAQ type A, the simplest of all SAQ types as per PCI Security Data Council. HostedPCI’s primary solution is the tokenization of credit cards and credit card vaulting in HostedPCI storage. Our aim to make PCI compliance hassle-free and flexible for all merchants.

The credit card giants Visa, Mastercard, and American Express mandate that anyone handling sensitive credit card numbers and CVV to be PCI DSS Compliant. There are four levels of PCI DSS compliance. The simplest is SAQ Type A and the most complicated is SAQ Type D. HostedPCI’s objective is to enable merchants to qualify for SAQ Type A by removing the handling of the sensitive credit card number and CVV from their credit card transaction processing scope.

HPCI Credit Card 3d Secure

3D Secure Credit Card

HPCI iFrame Credit Card Collect Form

Credit Card Capture Screen(iFrame)

HostedPCI Place Holder Image

Tokenized Credit Card

HPCI Call Center Image

Call Center Capture of Credit Card

HostedPCI reduces scope by securely vaulting credit cards in our storage vault and returning you a unique identifier called HPCI token. A token (4917 4455 6677 0000) is not a real credit card (4917 6100 0000 0000), instead, it represents the real credit card stored in our storage vault. The first and last four digits match with the real credit card and the middle digits are modified so it is never a real credit card number. The token can be used for processing credit card operations. Since there is no real credit card in your possession or scope, you can qualify for SAQ Type A. Hosted PCI implements various different solutions described below to allow tokens to be used instead of the real credit card and continue your business as usual.

A. HPCI Credit Card Tokenization & Vaulting Solution

HPCI Credit Card Tokenization & Vaulting solutions are designed to store a real credit card number and CVV and return the HPCI token. The token can be used by the merchant’s website to perform all the credit card transactions instead of a real credit card. The real credit card is received from the merchant’s website through an interface like an HTML iFrame styling or an API and stored in our storage vault. These interfaces seamlessly integrate with the merchant’s website and are designed to store the sensitive credit card number and CVV only in the HPCI vault, helping the merchant become PCI compliant by qualifying for SAQ type. Merchants can use the following two services ways to get an HPCI token:

  1. iFrame Tokenization
  2. API Tokenization
HPCI iFrame Credit Card Collection Form
HPCI API Image

B. HPCI Call Center IVR Telephone Solution

HPCI IVR solution is designed to provide interactive solutions to our merchants through a Call Centre IVR or Self-Service IVR for over the phone card payment transactions. The IVR’s use DTMF tones from the keypad to record the 16-digit credit card number which is salted with additional DTMF tones making it a 20-24-digit credit card number. The additional DTMF tones keep the agent or any recording device out of scope and ensure compliance. HostedPCI IVR integrates directly with Hosted PCI Tokenization Solution and makes it easier than ever to ensure credit card security.

  1. Self-Service IVR
  2. Call Center IVR

C. HPCI In-Line Tokenization Solution

HPCI In-line Tokenization Solution was designed for our merchants who require to get the real credit card details from a third-party partner and use it for business transactions. Hosted PCI acts as a mediator between the third-party partner and merchant, where Hosted PCI accesses the file at the third-party SFTP or HTTPS location. Hosted PCI checks this file for real credit card information and sanitizes the file by replacing the real credit card with the HPCI token. The sanitized file is returned to the merchant and no real credit card detail is accessible by the merchant, helping our merchant to qualify for SAQ Type-A.

D.HPCI Gateway Tokenization Solution

HPCI Gateway Tokenization Solution is designed for merchants who do not want to change their original payment process and utilize gateway tokens for payment transaction processing to become PCI compliant. Hosted PCI is one of the rare companies to offer a gateway token solution while allowing merchants to maintain the original payment flow. The real 3d secure credit card (4917 6100 0000 0000) and CVV (123) are stored in the HPCI vault and an HPCI token (4444 0000 1520 1111) is returned to the merchant website. When the request is submitted for the gateway token, the HPCI token (4444 0000 1520 1111) and CVV (200) is shared with the payment gateway and the gateway returns the payment gateway token (hLDyVnlgCFMZFv72BpwlNAMh1) to the merchant website for transaction processing. The above process of obtaining gateway tokens by using HPCI tokens helps our merchant to become PCI compliant by qualifying for SAQ type A.

E.HPCI Standard Gateway Processing Solution

HPCI Standard Gateway Processing solution provides all our merchants to add, switch, or integrate with any payment gateway. Hosted PCI supports more than 40 Payment gateways. The merchants can choose to integrate with multiple payment gateways at one time. The flexibility of switching within multiple gateways provides monetary benefits to merchants. The payment gateway list is available for all the supported payment gateways and can add more payment gateways as per the requirement

HPCI – Payment Gateway Flow

The diagram below shows the process flow of a credit card transaction between a Merchant CHeckout page, HPCI, and gateways.

F.HPCI Non-standard Gateway Solution

HPCI Non-Standard Gateway Tokenization Solution was designed to enable merchants to share the credit card information with a third party or any payment gateway and avoid the merchant from processing the transaction. Hosted PCI would convert the Hosted PCI tokens to real credit cards and upload this file to a secure and designated SFTP location selected by the merchant. All transactions are processed through a secure TLS network. This solution allows our merchants to reduce their PCI scope without changing their current payment processing vendor flow.

  1. File Dispatch
  2. XML Dispatch

G.HPCI Data Residency Solution

HPCI Data Residency Solution is to provide our merchants with the flexibility to choose where their data needs to be stored. Hosted PCI has four data centers across the globe located in the United States of America, Canada, Europe, and Australia. This gives merchants the flexibility in choosing the data center of their choice. Along with the data center, the merchants can also choose to store their data within Amazon Web Services (AWS), or Google Cloud Platform (Canada, Australia, Europe). All the Hosted PCI solutions can be combined with each other and are tailored to suit your needs. Hosted PCI solutions integrate and implement within the merchant’s environment with no changes to their existing services, interfaces, systems, thereby seamlessly manage and secure their sensitive payment data. The merchants have an option to add, switch, or integrate with any payment gateway providing flexibility and monetary benefits. The merchants can share their card payment data irrespective of the endpoint in tokenized format via secure networks and remain PCI compliant. Therefore, all Hosted PCI solutions are secure, reliable, and on par with the latest technologies and upgrades.

H. Some of Our Clients

PreviousNext
1234567