PCI compliant Customer's credit card info handling

Jakke · ‎March 17, 2022

We have a SaaS application that provides various communications services for our customers. We collect payment from our customers by making a charge against their credit card once per month. We are using the Payments API to do this.

Currently, we hold our customers’ credit card information in our database (encrypted, of course).

We would like to change this so that we do not collect or store the customers’ credit card information. We would prefer to store the credit card information in QuickBooks.

The ‘CardOnFile’ approach is close, but it requires us to collect the customer’s card information in order to create a CardOnFile object. We would like to avoid handling any credit card information at all.

Ideally, here is what we are looking for:

1. A customer signs up with our service.

2. We make a call to QuickBooks API to say “We have a customer who wants to store their credit card information. Please present them with a user interface so they can enter the information. Once you have collected and stored the information, send us an ID for this credit card”.

3. At the end of each month, we make a call to the QuickBooks API that says “Please charge this amount to the credit card that has this ID”. The amount can be different month to month.

Is there any way to use the API to implement step 2 above?

Ethel_A · ‎March 17, 2022

Welcome to the Community, @Jakke. I'll share some tips for entering and saving credit card information in QuickBooks Online for your customers.

You can maintain a record of your customer's credit card information. However, you will need to get the details once. Then, after saving the card number, you can only see the last four digits.

You can do this by going to your customer profile and adding their credit card information. Before doing so, connect your payment account to your QuickBooks Online (QBO). You can save your customers' information, and they will be able to pay their invoices online.

Here are the steps that you'll need to take:

Go to the Gear ⚙ icon.
Select Account and Settings.
Click the Payments tab and hit on Lean more.
You may now start your setup. Choose either QuickBooks Payments or an Existing account.

- In the Existing account section, select Connect or Link Merchant Service.
- In the window, select the QuickBooks Payment account you want to connect. Then select Connect.

Review the account info and make sure it's accurate. If everything looks good, click Connect.
Once done, sign out and sign back into QuickBooks Online for the changes to take effect.

You can check this article for more details: Connect your QuickBooks Payments account to QuickBooks Online.

After that, you may enter the credit card details for your consumers into their profiles. These are the steps to follow:

Go to the Sales menu.
Click the Customers tab.
Locate and select your customer and click Edit.
In your Customer profile, select the Payments and billing tab.
Select Credit Card from the Preferred payment method drop-down menu.
Enter the needed information and click Save when done.

I have these excellent articles for you to use as a reference while processing a credit card payment from a customer:

Let me know if you have additional questions about saving customers' credit card information. I'll be right here for you.

Topics

Training

Community

Resources

PCI compliant Customer's credit card info handling

PCI compliant Customer's credit card info handling

Need to get in touch?