All-in-One API Integration
Combining all the most popular payment solutions in a single package, eWAY’s Rapid 3.1 API also includes fraud prevention, transparent redirect, and direct connection to help developers create secure, perfectly rendered payment pages on all devices.
Client Side Encryption
eWAY’s Client Side Encryption securely encrypts sensitive credit card information in the customer’s browser so that a non-pci compliant merchant can accept the form data on their system and then process the payment directly with eWAY using Rapid 3.1 API Direct Connection.
This allows merchants to handle the front end of the payment process completely and then process the payment in their back end. Customers have a uniform payment experience on the merchant’s website creating confidence and improving sales.
How it works
Asymmetric encryption is used to encrypt the sensitive data using a public key from an RSA public/private key pair. The data is then only able to be decrypted by eWAY’s servers using the stored private key. The public key is made available to the merchant for encryption, however the private key is retained by eWAY so that only eWAY is able to decrypt sensitive data.
In this way a merchant can simply encrypt the sensitive data in the client browser, then pass it through their server and make the direct payment with eWAY