Welcome to our Technical Kickoff!

We're excited to partner with you and help you start building on the TabaPay APIs. Before diving in, we have one important question:

Are you accepting payment cards for your service?

If the answer is yes, this guide will walk you through what you need to know to ensure you are PCI compliant before collecting or handling any card data.

📘
What is PCI DSS?
PCI DSS stands for Payment Card Industry Data Security Standard. Also see PCI Security Standards Council.
For more information on PCI, refer to PCI DSS Compliance with TabaPay Card Processing.

How to Become PCI compliant with TabaPay

The process depends on on two factors:

Your card volume, and
Your card entry method (how you collect cardholder data).

Learn more about volume and card entry criteria along with the types of documents your team will need to submit to TabaPay.

📘
Do you have a SAQ D or a 3rd party for PCI?

If you are using a 3rd party for PCI, please let us know who it is at help@tabapay.com.

If you have you own Self-Assessment Questionnaire (SAQ) D please contact help@tabapay.com for more information to get started.

How to Collect Cardholder Data Through TabaPay

You can capture card holder data using a PCI compliant environment and pass tokenized card data.

1. Use the Browser SDK (Recommended)

The Browser SDK allows you to securely collect cardholder data in a PCI-compliant way and tokenize it.

2. Pass your TabaPay Tokens

Store payment instruments securely and pass only tokenized data using:

Create Account API: Generates a unique accountID token
TabaPay Tokens: Overview of accountID/tokens

3. RSA Encryption (Alternative PCI Path)

If you maintain your own PCI environment and want to pass encrypted card data directly:

PCI Helper - RSA

Recipes