Docs
With this option, you get to offer your customers a native out-of-the-box (OOTB) experience provided by Chargebee to collect the customer's card details. Once the details are collected, the sensitive card information is encrypted and sent to the chosen payment gateway. The processed information from the payment gateway is then sent to Chargebee as a token that is associated with the customer record in Chargebee.
Recommendation- SAQ A compliance
With this option, you will own and customize/create your own checkout page and use Chargebee.js Card Components to collect customer's card details. Once the customer's credit card details are entered in the Hosted Payment Fields or Components, the sensitive card information is encrypted and sent to the chosen payment gateway. The processed information from the payment gateway is then sent to Chargebee as a Token. The Token should be used in the ‘Create subscription' and ‘Create payment source API' to create subscriptions and payment methods in Chargebee.
Recommendation- SAQ A compliance
With this option, you will own and customize/create your own Checkout page and use the provision (Java Script) provided/offered by your chosen payment gateway to collect the customer's card data. Once the customer's credit card details are entered on the Checkout page, the sensitive card information is encrypted and sent to the payment gateway. The processed information from the payment gateway is then shared as a Token. The Token should be used in the ‘Create subscription' and ‘Create payment source API' to create subscriptions and payment methods in Chargebee.
Recommendation- SAQ A compliance
In this option, you'll have to collect the card details at your end, and process it in the following ways -
Transmit the card details to Chargebee, which will then be encrypted and routed to the chosen payment gateway.
Directly transfer the card details to the chosen payment gateway for processing. The processed information from the payment gateway is then shared as a token. The token should be used in the ‘Create subscription' and ‘Create payment source API' to create subscriptions and payment methods in Chargebee.
Recommendation- SAQ D compliance
With this option, you get to offer your customers a checkout experience offered by a third-party ‘Checkout' service provider. On completion of a transaction, you can collect the token created in your chosen gateway account and use the Chargebee SDK (with the language of your preference) to create subscriptions and payment methods in Chargebee.
Recommendation- SAQ A compliance
These suggestions serve as broad guidelines and may not suit every unique business situation. Your required Self-Assessment Questionnaire (SAQ) depends on your business operations and your merchant bank's criteria. For precise guidance, we advise consulting your merchant bank or an accredited PCI-DSS assessor directly.
Billing/how-is-data-security-handled-in-chargebee.txt