PCI Vault Forms

Securely capture payment card data from your site using PCI Vault. PCI Vault is a vendor neutral PCI DSS compliant environment designed to reduce your PCI compliance scope to a SAQ by using credit card tokenization. Data captured with this plugin will be sent to PCI Vault's DSS compliant environment directly, and will not be present on your own server. This allows you to securely capture and tokenize credit card data without being PCI DSS compliant. How it Works The plugin comes with a short code that loads PCI Vault's own Payment Card Data (PCD) form, and makes all the necessary requests to the PCI Vault API in order to get the form working. You can read more on the API side of things here. Take note that this includes 2 paid API requests: 1 when the form loads, and 1 when the data is being sent to PCI Vault. To use this plugin, add your authorisation details, and the user/passphrase for a key, in the PCI Vault Options menu. You can then load the capture form anywhere in your site by using the pcivault_capture shortcode. Shortcode Attributes All valid short code attributes are imported directly into the javascript that renders the form. The security of these attributes are the responsibility of the site, and not PCI Vault. Every attribute must be a valid Javascript expression. We recommend to use function calls that return the values you want the attributes to have, this will grant extra flexibility and avoid issues with Wordpress's sanitisation. The attribute options are:

• success_callback: A JS function to call if the card was successfully stored.
• error_callback: A JS function to call if the card was not successfully stored.
• extra_data: Extra data to store along with the card, must be a valid JS object. This is where using a JS function call really helps.
• show_card: A true/false value on whether or not to show the card on the form.
• disable_luhn: A true/false value on whether to disable validation on all form fields.
• force_keypad: A true/false value on whether to force the user to use a randomised on-screen keypad for entering card numbers. This helps to protect you from key-loggers.
• field_options: A configuration object for specifying which of the form fields to show or validate.

For more information on these fields, please check the documentation for PCI Vault's Payment Card Data (PCD) form. PCI Vault All of the magic behind this plugin happens on PCI Vault's environment. This plugin sends an authenticated request to PCI Vault, retrieving a unique capturing endpoint. This request includes your authentication details, and the key/passphrase pair specified in the PCI Vault Options menu. This plugin also loads a hosted PCD form from PCI Vault. You need to be a customer of PCI Vault for this plugin to work. You can view our pricing and register an account. Also have a look at our Terms of Service and our Privacy Policy.

1.1.3 (2024-10-08)

• Updated short description

1.1.2 (2024-10-08)

• Updated documentation to provide more clarity on credit card tokenization
• Test plugin on Wordpress version 6.7

1.1.1 (2023-03-28)

• Add more default fields to the data stored in the vault
• Also make stored data available for the js callbacks
• Test plugin on Wordpress version 6.1.1

1.1.0 (2022-12-23)

• Expand shortcode attributes to give more control over the card form

1.0.2 (2022-08-22)

• Reduce required Wordpress version from 5.7.0 to 4.3.1

1.0.1 (2022-08-22)

• Reduce required Wordpress version from 6.0.1 to 5.7.0

1.0.0 (2022-08-17)

• Initial version