Hosted Payment Page
Ezypay's Hosted Payment Page (HPP) is an integration solution designed to collect payment method information from customers while maintaining PCI Compliance for your application.
The HPP is an iframe form embedded in your application to securely gather customer payment data. Upon submission, sensitive information is sent to the Ezypay Vault directly, returning a payment method token. Link the token to a customer and use it for future billing. This token-based approach minimizes the PCI scope for your application.
HPP is used for all payment methods supported by Ezypay unless specified otherwise. It greatly simplifies integrators' efforts as they're only required to develop one solution for all Ezypay-supported payment methods.
PCI compliance scope reduction
When cardholder data passes through your hosting environment, your systems fall within PCI compliance scope. Using the HPP ensures all payment method information is passed directly to the Ezypay Vault without going through your hosting environment - returning only a token for future use.
This reduces the PCI compliance scope for integrators and simplifies development work. You must ensure no storage or logging of card information on your site or app.
Payment method validation
The HPP validates payment details before submission. If the input does not pass the validation, the form cannot be submitted and an error message is displayed, prompting customers to re-enter valid information. Validation checks include:
For cards
| Field | Validation |
|---|---|
| Card Number | a. Number only b. Valid Card Number Format |
| Expiry Date | a. Card is not expired |
Note: The form does not alert customers about cards nearing expiration but not yet expired.
For bank direct debit
AU
| Field | Validation |
|---|---|
| BSB Number | a. Number only b. Valid BSB Number |
| Account Number | a. Number only b. Maximum 15 digits |
NZ
| Field | Validation |
|---|---|
| Bank Number | a. Number only b. Must be 2 digits c. Valid Bank Number |
| Branch Number | a. Number only b. Must be 4 digits c. Valid Branch Number |
| Account Number | a. Number only b. Maximum 7 digits c. Valid account number |
| Suffix Number | a. Number only b. must be 2 or 3 digits |
For wallet
| Field | Validation |
|---|---|
| Phone Number | a. Number only b. Valid Philippines Phone number |
For PayTo
| Field | Validation |
|---|---|
| Phone Number (not required if email address or BSB number is provided) | a. Number only b. Valid Australia Phone number |
| Email Address (not required if phone number or BSB number is provided) | a. Valid email address format |
| BSB Number (not required if phone number or email address is provided) | a. Number only b. Valid BSB Number |
| Account Number (not required if phone number or email address is provided) | a. Number only b. Maximum 15 digits |
Page content and customisation
The HPP dynamically adjusts content based on the customer's country, displaying only supported payment methods. Custom styling and branding are currently not supported. Recommended iframe sizes are:
- Width: 100%
- Height: No less than 256 px (use dynamic sizing)
- Font size: Dynamic, auto-scaling with the
iframesize
Updated about 1 month ago