Client Side Encryption (CSE) is an integration method on the Worldwide Payment Gateway (WPG) that can potentially reduce your PCI DSS burden.
CSE encrypts cardholder data at the point of payment, resulting in encrypted data passing through your servers.
The cardholder data is encrypted in the browser (or App) so it cannot be read, and the encrypted data is sent to your server. You then send the payment to us, where we decrypt the information and pass it on for processing.
- A shopper paying by card enters their cardholder data and submits their payment. As the payment is submitted, it is encrypted by Client Side Encryption.
- When you receive the payment, you create an XML order containing the encrypted information.
- When we receive the order, we decrypt it using your private key. The information is then passed on for processing.
- Once a response is received, we pass the response back to you.
To learn more about how it works, contact your Relationship Manager or see the Client Side Encryption part of the XML API Integration Guide.