Accepting Payments
Overview
This guide walks you through securely collecting, storing and processing payment data on a third-party PSP, using VGS to minimize PCI scope. The integration makes secure payment data collection easy with the VGS Collect JavaScript library and mobile SDKs. It automates exchanging aliased data with popular third-party payment vendors and can be customized to exchange data with any payment provider without a lot of code.
Advantages
PCI Compliant. Please note that anyone involved with the processing, transmission, or storage of card data must comply with the Payment Card Industry Data Security Standards (PCI DSS). With this integration, your application seamlessly complies with PCI regulations, because no sensitive data hits your servers.
Optionality. Exchange payment data with multiple 3rd parties without being locked into one payment provider.

Integration
Step 1: Create a VGS account
Sign up for a free account with VGS Dashboard or log in to an existing account. After you've signed up, we automatically create an Organization and a first Vault in the Sandbox environment.
Note: if you have just signed up or have no routes yet, you can get started quickly by downloading our personalized demo application. See how it works by clicking Try it out on your vault homepage and going through a simple 3-step flow.

If you went through the VGS for Payments quick start flow, Step 2 and Step 3 are already pre-configured: the routes are set up for use by the demo app and your vault.
Step 2: Securely collect payments data
First, secure your inbound traffic, starting with your user interface. For this, use our VGS Collect product suite: the JS library for Web or the mobile SDKs. It allows you to securely collect data from your users via forms without that data passing through your systems. The form fields behave like traditional input fields while securing access to the sensitive data.
You can always test your setup with Access Logger, where you can see request statuses, payload diffs, matched information, etc.
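One way to confirm on your own backend that Step 2 works as described, that is, that only aliases and never raw card numbers reach your servers. This is an added example, not VGS code; the function names and sample payloads are constructed, and it goes slightly beyond the page by scanning nested JSON.

```python
import json
import re

# Candidate PANs: 13-19 digits, optionally separated by single spaces or dashes.
PAN_CANDIDATE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")


def luhn_valid(digits: str) -> bool:
    """Luhn checksum used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit, counting from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def find_raw_pans(value, path="$"):
    """Walk a decoded JSON value; return the paths whose value holds a likely PAN."""
    hits = []
    if isinstance(value, dict):
        for key, item in value.items():
            hits += find_raw_pans(item, f"{path}.{key}")
    elif isinstance(value, list):
        for i, item in enumerate(value):
            hits += find_raw_pans(item, f"{path}[{i}]")
    elif isinstance(value, (str, int)) and not isinstance(value, bool):
        for match in PAN_CANDIDATE.finditer(str(value)):
            if luhn_valid(re.sub(r"[ -]", "", match.group())):
                hits.append(path)  # report the location only, never the value
                break
    return hits


def assert_aliased(body: bytes) -> None:
    """Raise if a request body received by your backend carries a raw card number."""
    hits = find_raw_pans(json.loads(body))
    if hits:
        raise ValueError(f"raw card number reached the server at: {', '.join(hits)}")


if __name__ == "__main__":
    # Constructed payloads: "ALIAS" is the placeholder used in this guide,
    # 4111 1111 1111 1111 is a well-known test card number.
    assert_aliased(b'{"card_number": "ALIAS", "amount": 1200}')
    print(find_raw_pans({"card": {"number": "4111 1111 1111 1111"}}))
```

Run it in a test or staging hook on request bodies; a hit means a form field is posting directly to your backend instead of through VGS Collect.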
Step 3: Securely exchange data with payment vendors
After you create your first record with VGS, you need to reveal the aliased payment data in order to exchange it with payment vendors. Choose one of the integration methods to reveal your data. Please note that to use the VGS Outbound connection and reveal data you need to:
Use Access credentials to send any request via VGS and reveal payments data.
```
# -k skips TLS certificate verification, which is only suitable for a quick test.
curl https://echo.apps.verygood.systems/post -k \
  -x https://__ACCESS_CREDENTIALS__@__VAULT_HOST__:8443 \
  -H "Content-type: application/json" \
  -d '{"card_number": "ALIAS"}'
```
Download and use the TLS certificate in your application. The certificate is the same for all Sandbox Vaults.
You can always test your setup with Access Logger, where you can see request statuses, payload diffs, matched information, etc.