To collect or save your customers' cards details, you must be PCI certified. 

To know more about PCI DSS Certification and Requirments, please check the article here for more information.

If you are obtaining card details using your own form to save them

You have to be PCI certified to a minimum SAQ-D Merchant. This is because card details will be handled by your system. After receiving the card details from your payment page, you are required to send a payment request using the transaction API, hence you will need to include the card details within the payment request.



If you are collecting card details using our managed form

You have to be PCI certified to a minimum SAQ A-EP Merchant. This is because card details will not be handled by your system, yet the payment page is displayed on your website. After receiving the payment token details from your payment page, you must send a payment request using the transaction API, hence you will need to include the token details within the payment request.