Collect.js provides access to a popup form which securely captures payment data and generates a "token". The token is then used with the Direct Post API instead of raw credit card or bank account data. The popup form is technically a seperate page hosted by the gateway, so no payment information touches the merchant's site. This allows merchants to minimize their PCI-compliance footprint, with minimal changes to the customer experience.
Collect.js Video Tutorial
Collect.js is designed to be flexible, and its implementation can be as simple as pasting a single script tag to your checkout page, or it can be customized to interact with your website however you’d like.
Authentication is done via a "tokenization key" that you can generate in your merchant control panel under the "Security Keys" settings page. Select "Tokenization" for the key type.This tokenization key can only be used with Collect.js and will not work with any other APIs. Similarly, any API keys already created will not work with Collect.js.
This key will be visible to customers in your website’s source code, so please make sure you only use the tokenization key here.
Please Contact me with More Information
Every merchant account will have to stay compliant by completing a SAQ Self Assessment Questionnaire every year or they will be charged a monthly PCI non compliance fee.