Direct Vault API

If the Hosted Payment Page (HPP) does not meet your application requirements, Ezypay provides Vault APIs as an alternative. This approach allows you to collect payment method details through a custom form in your application and submit them directly to Ezypay.

When to use Vault APIs

Vault APIs are designed for cases where customisation of the payment method collection process is critical and the HPP cannot be integrated. This option is suitable only for integrators with robust PCI DSS compliance processes.

While Vault APIs offer flexibility, they come with additional compliance responsibilities. Evaluate your PCI DSS compliance readiness and consider whether the HPP could meet your needs before opting for Vault APIs.

How it works

• Collect payment details from customers using your customised payment collection form.
• Send the details to Ezypay via the Vault APIs.
• Receive a payment method token, which can be used in the same way as tokens obtained via HPP.

Key considerations

No PCI compliance scope reduction:
Unlike HPP, this approach means payment data flows through your servers, which places the responsibility for PCI DSS compliance on you.

PCI DSS compliance required:
Integrators using Vault APIs must adhere to PCI DSS security standards. Ezypay will verify your PCI compliance status before issuing production credentials.

Mandatory Terms & Conditions:
You must display Ezypay's Terms & Conditions when collecting payment method details via Vault APIs.