Sage Pay Go with Direct integration
Sage Pay Go with Direct integration is essentially a white-label payment solution, giving you complete control over the way you process card payments.
Direct integration is ideal if you:
want complete control over the checkout process
want to manage your entire payment process internally
want to develop your own payment software (e.g. for a call centre)
are looking for a payment gateway that integrates with popular e-commerce platforms or your existing back office software
have your own transaction reporting and management area
can invest in data security measures such as certificates, audits and vulnerability scans
are willing to maintain a higher (often more costly) level of PCI DSS compliance
How it works
Direct integration enables you to collect your customers' payment information on your own secure servers and securely pass card details across to Sage Pay to carry out authorisation and store them safely. This means that you can completely tailor the payment process to suit your business requirements.
When integrated with your e-commerce website, your shopper never moves from your URL. This method of integration is also suitable for designing your own payment software, such as those used in call centres for accepting telephone payments.
- You present your customer with your own secure payment page to enter their card details.
- The payment details are sent in a secure HTTPS POST from your server to our payment gateway.
- Sage Pay sends back the results of the authorisation for you to display to your customer on your confirmation page.
- Sensitive card data is stored at Sage Pay even if you're also collecting and storing it yourself.
- You capture payment data in a way to suit your own transaction managment and reporting tools.
What else do I need to know?
You'll need to invest in your own PCI DSS certification using this self-hosted solution - the data collection and transference on your side must be compliant.
We recommend that you maintain your own dedicated server for easier management of your PCI certification.
You'll need a 128-bit SSL certificate to secure your payment pages when using Direct integration.
If you can't install a security certificate for your payment pages you should consider using Server & inFrame integration instead.
Safely keep and re-use your customers' card details using our Token System, available with this method of integration.
Setting up PayPal as another payment option requires development when using Direct integration - it's simpler to add if you're using our other integration options.
If you have any questions call us on 0845 111 44 66 or email us.
Information for developers
- You'll need to be able to make HTTPS POSTs from scripts on your server (using something like OpenSSL on Linux platforms, or the WinHTTP object in Win32).
- A message is POSTed directly from your servers to ours across a 128-bit encrypted session and can't be tampered with or understood by anyone other than Sage Pay.
- Direct integration can be handled using standard scripting languages like ASP, ASP.net, PHP etc.
- Direct integration kits, protocols and guidelines are available to download from our online help centre when you register for a website account.