Finix is certified as a Level 1 Payment Card Industry Data Security Standards (PCI DSS) compliant Service Provider. For more details, see Security and Compliance at Finix.
If you have a Level 1 PCI compliant card data environment (CDE), you don't have to use the forms offered by Finix and can create your own form or flow to collect buyer information.
If you're interested in processing raw card data, contact the Finix Support Team. A Level 1 or 2 PCI Attestation of Compliance (AoC) needs to be provided to Finix to process raw card data.
If you don't have a CDE and want to process payments, use Finix Hosted Fields to collect buyer information.
Processing raw card data is similar to processing other payments that use our Hosted Fields. Steps include:
Building a payment form for cards
- When handling raw card data, you'll need to create the form as opposed to hosting a form created by Finix.
- Creating a Payment Instrument
- Creating a Sale or Authorization
- Handling the post-payments experience
The form you create must collect enough information to successfully create an
Payment Instrument for the buyer. The information also needs to be collected in a PCI compliant environment.