We’ve had some request this week from users to clarify exactly how our payment system works.
Your security is very important to our team. So, we wanted to make sure that it’s clear for anyone who is considering an upgrade.
Here are some of the questions that were most commonly asked:
What happens when I enter my credit card and CRC codes, and click SUBMIT?
- We prepare an asynchronous HTTPS request to Paymill’s API. Any sensitive data is sent directly to Paymill, which returns a paymillToken or Error.
- Once we receive the paymillToken from Paymill’s API, we add the following input to our form:$form.append’<input type=”hidden” name=”paymillToken” id=”paymillToken” value”” + result.token + “”>’
- Afterwards, we send POST form data (e.g. billing address + paymillToken) to our server.
What happens to my sensitive inputs such as my “card-number” or “card-security-number”?
These sensitive inputs do not name attributes. They are ignored and will not be present in the POST form data. For more information, please visit: http://goo.gl/5948R2.
Will any of my credit card data be transferred, logged, or saved on your servers?
No, none of your credit card data will ever be transferred, logged, or saved to the Testomato servers! The paymillToken simply proves that you can pay for our services.
How exactly does the Paymill bridge work?
To learn more about the bridge, please read Paymill’s documentation: http://goo.gl/ZwzAGn.
You can also check out this blog post to learn more about our paid plans.
Still have more questions?