Change to custom checkout JavaScript

With CardCorp merchant accounts, you can integrate with a custom checkout.

As a security measure to comply with PCI-DSS 4.x, when you create an order with a custom checkout, the API returns the integrity hash as part of the response.

When you load the payment iframe with JavaScript, include the integrity hash.

In addition, to comply with PCI-DSS 4.x, on your payment page, you should implement a Content Security Policy (CSP) and use change detection scans and notifications.

See Integrate with custom checkout and payment iframe.