Adding a new card via API and PCI compliance

Adding a new card via API and PCI compliance

Hi everyone,

there might be something I am missing here, but here is what I understand :

if I want to add a card, I see in the API description  here that I have to send the card number with my credentials in the headers (company_id + auth_token).

If I do that on our server's side, I have to have the customer credit card details hit our server and I am not allowed to do that, because we are not  PCI compliant (and we do not plan to be !).
The other solution would be to do this from the client's side but I would then be giving away my  Zoho credentials. Anyone would then be able to remove all customers from my  Zoho account for example.

How then is this part of the API useful ? Is it designed to only be used by PCI compliant merchants ?

If I am correct on the above, I think it would be very helpful to have an encryption/token system (like Stripe does for example) to still be able to use this API while not having to go into the trouble of the PCI certification.

Best regards,
Mathieu

      • Sticky Posts

      • Introducing Invoice Consolidation for Offline Subscriptions

        Hello Folks, Glad to announce the feature of Invoice Consolidation for Offline Subscriptions. If you are having multiple subscriptions for your customers, now, you can send a single consolidated invoice for all the Offline Subscriptions that are getting renewed on the same date. Advantage?  Customers will be receiving single invoice instead of multiple invoices upon renewal. Also reduces your efforts in follow-up with your customers for payment collections. For Example: If Customer has Subscription
      • New feature: Create back-dated subscriptions

        Hello from the Zoho Subscriptions team. :)   We’re happy to announce that today marks the launch of a much-awaited feature: creating back-dated subscriptions!   From here on out, whenever you create a new subscription with an activation date that is earlier than the present date, you’ll no longer get an error. Instead, you'll be creating a back-dated subscription. This means that the subscription started at that earlier point in time. The next billing date will be calculated automatically based on
      • Announcement Regarding Notification Emails

        Hello Everyone! This announcement is regarding the admin notification emails which you've been receiving from the email address "support@zohosubscriptions.com". From the 1st of October, 06:00 GMT, the emails with the following subjects will be sent from "no-reply@zohosubscriptions.com". Unable to send invoice for the profile - {profile_name} Unable to process auto payments. If you have set up any filters or workflow in your email account, please add "no-reply@zohosubscriptions.com” and  “support@zohosubscriptions.com”
      • Zoho Subscriptions plugin for WordPress

        Zoho Subscriptions plugin for WordPress allows you to easily embed your plan specific checkout page in an iframe with just a few mouse clicks and without a single line of code. How can WordPress Zoho Subscriptions Plugin boost your productivity? It's now easier to embed Zoho Subscriptions checkout page in your WordPress site. Forget the old method of logging in to Zoho Subscriptions, copying a URL and scripting to make adjustments. All this can be done automatically through this plugin. A great time
      • Indian GST organisation Migration Guide

        With respect to the new GST regime releasing on July 1, 2017in India, Zoho Subscriptions Indian edition is also gearing up to make your business GST Ready. This article focuses on how to get your existing organisation in Zoho Subscriptions to migrate to the new GST regime.    Note:  Any organisation created on or after July 1, 2017 will already be GST ready. You wouldn't have to migrate your organisation. Migrating your existing organisation to support GST To migrate your existing organisation to