The Direct Connection implementation allows for purchases to be submitted directly to Rapid 3.1. This allows processing of transactions in one server side call.
Since card data is passed via the server, one of the following must be used to ensure compliance with card data regulations:
- Provide proof to eWAY of PCI-DSS complaince of the merchant's environment
- Use Client Side Encryption to encrypt the card data on the customer's browser
Transactions not involving credit card data (such as a recurring token payment) may be processed without proof of compliance. In the eWAY Sandbox, PCI compliance can be enabled via the Sandbox Settings.