PCI Compliance for Payment Providers

We understand your need to be compliant with Payment Card Industry (PCI) regulations when processing card payments and ebs is a key part of that process. This section explains how ebs interacts with ePayment providers and describes the security controls included in ebs that assist with overall PCI compliance.

ebs integrates with a number of third-party ePayment providers to process and validate card payments. All providers are PCI compliant and card data is secured during processing and is not shared with ebs.

Note: Your third-party ePayment provider does not expose credit card information to ebs during processing and card information is not retained by ebs.

The following security controls secure ePayments in ebs:

You must have the Institution Settings role in the ebs: central Apps/Enqs/Enrols group to view or configure institution settings for ePayments.

Institutions Settings role

Back to top

You can view, but not alter or amend, references to third-party ePayment transactions on the Receipts tab in the Payments screen of the Enrolments module.

The following diagrams illustrate the ePayments processing sequence for each provider:

The following diagram illustrates the interaction between ebs and Access PaySuite (Pay360).

Note: Refer to Access PaySuite for further information about the data transmitted during the payment process.

Capita Secure Card Portal (SCP) processing sequence

Note: Access PaySuite (Pay360) is Payment Card Industry Data Security Standard (PCI DSS) certified .

Back to top

The following diagram illustrates the interaction between ebs and Civica Paylink.

Note: Refer to Civica Paylink for further information about the data transmitted during the payment process.

Civiva Paylink processing sequence

Note: Civica Paylink is Payment Card Industry Data Security Standard (PCI DSS) certified.

Back to top

The following diagram illustrates the interaction between ebs and Paysafe.

Note: Refer to Paysafe for further information about the data transmitted during the payment process.

Paysafe processing sequence

Note: Paysafe is Payment Card Industry Data Security Standard (PCI DSS) certified. Refer to Paysafe for more information about Paysafe checkout integration and compliance with PCI SAQ-A.

Back to top

The following diagram illustrates the interaction between ebs and Worldpay.

Note: Refer to WorldPay for further information about the data transmitted during the payment process.

Worldpay processing sequence

Note: WorldPay is Payment Card Industry Data Security Standard (PCI DSS) certified.

Back to top

The following diagram illustrates the interaction between ebs and Windcave.

Note: Refer to Windcave for further information about the data transmitted during the payment process.

DPS processing sequence

Note: Windcave is Payment Card Industry Data Security Standard (PCI DSS) certified.

Back to top

The following diagram illustrates the interaction between ebs and Netbanx.

Note: Netbanx API is not supported for new customers

Netbanx (v5) processing sequence

Note: Paysafe NETBANX is Payment Card Industry Data Security Standard (PCI DSS) certified.

Back to top

Note: Further information about how the payment industry develops and adopts data security standards is available from the PCI Security Standards Council.