Hi,
Can some one please tell me what the diffrence is between sage pay and sage pay direct we have a site working on Nop 2.50 and I am looking at upgrading it to 3.50 and have found a sage pay plugin from:
https://www.microlitesoftware.co.uk/home/
That when up to Nop 3.30. But now 3.40 and 3.50 are out the plugin is broken and after contacting the company how I got the version 3.30 plugin from they said they are not developing it any more.
So my question is, what if any are the diffrences between sage pay and sage pay direct, are they both the same thing under different names or are they total different.
If they are the same will the Sage Pay Direct plugin work with Sage Pay in the UK!
Regards
Diffrence between Sage Pay and Sage Pay Direct
- 19
- 233
- 29.11.2013
- United Kingdom
I presume you're talking about the different integration methods.
There are two integrations you ought to care about.
Sage Pay Direct - The card information is collected by your site, and transmitted directly to Sage Pay. Unfortunately with this integration method you need to care a lot about PCI DSS compliance. Since your server sees the card, you'll fall under a much higher level of PCI compliance. Depending on your transaction volumes, you'll need to complete a SAQ D - this is a very long questionnaire that asks about your network topography, access to server rooms, wifi networks, security and encryption, etc. It's no small undertaking to become compliant at this level. Many merchant banks will insist on PCI DSS compliance.
The plus side is your customer never leaves your site, and get a nice, integrated experience.
Sage Pay Server (Redirect) - This is where your customer will be sent to Sage Pay to take the payment. Your server will never see the credit card details, and therefore you fall into a much lower level of PCI DSS compliance. The sting is your sales journey looks disjointed. It's slightly more painful to set up, as there is much server to server communication between your server and Sage Pay. But it works well.
Sage Pay Server (In frame) - You can run Sage Pay in your site, so it appears to your site like you are taking the payment on your own page. You'll probably need to run under SSL though.
Finally,
There is also Sage Pay Forms integration, which is similar to Server.
We offer a plugin that offers integration with both Direct and Server, so you'll have the opportunity to use either, depending on your own needs and stomach for PCI DSS.
There are two integrations you ought to care about.
Sage Pay Direct - The card information is collected by your site, and transmitted directly to Sage Pay. Unfortunately with this integration method you need to care a lot about PCI DSS compliance. Since your server sees the card, you'll fall under a much higher level of PCI compliance. Depending on your transaction volumes, you'll need to complete a SAQ D - this is a very long questionnaire that asks about your network topography, access to server rooms, wifi networks, security and encryption, etc. It's no small undertaking to become compliant at this level. Many merchant banks will insist on PCI DSS compliance.
The plus side is your customer never leaves your site, and get a nice, integrated experience.
Sage Pay Server (Redirect) - This is where your customer will be sent to Sage Pay to take the payment. Your server will never see the credit card details, and therefore you fall into a much lower level of PCI DSS compliance. The sting is your sales journey looks disjointed. It's slightly more painful to set up, as there is much server to server communication between your server and Sage Pay. But it works well.
Sage Pay Server (In frame) - You can run Sage Pay in your site, so it appears to your site like you are taking the payment on your own page. You'll probably need to run under SSL though.
Finally,
There is also Sage Pay Forms integration, which is similar to Server.
We offer a plugin that offers integration with both Direct and Server, so you'll have the opportunity to use either, depending on your own needs and stomach for PCI DSS.