CardPointe payment processing tokenizes sensitive data, safeguarding your customers from a data breach and lessening the burden of PCI compliance.
Businesses that use CardPointe can offer their customers the ability to checkout with a saved card on file, with sensitive data being stored on CardPointe’s servers and not the business’s systems. The CardPointe plugin supports the WooCommerce Subscription extension.
Click here for more information.
Please note that WooCommerce (v4.0+) must be installed and active.
The latest version of WooCommerce (v5.5.2) is supported.
The WooCommerce Subscriptions extension (v3.0.x) is fully supported.
PHP should be (v7.1+)
Please note that ReCaptcha key are required to use this plugin
You must contact your sales agent to receive the account credentials specifically for this plugin to work. Those credentials are different than what is provided for the Virtual Terminal. Refer to Fiserv’s WooCommerce Support page for more details.
Security Best Practices
While not required, it is strongly recommended that you configure your site to meet the following security best practices:
- Secure your checkout page with an SSL (secure socket layer) certificate.
- As of version 3.3+, recaptcha is built in and required in live mode, and you must configure your WooCommerce > Payments settings to include ReCapthca keys.
Version 3.3.3 of the plugin includes the following new settings to help prevent fraud and carding events carried out by malicious scripts and bots:
- Maximum Credit Card Attempts
This setting limits the number of authorization attempts for a given payment card. Once the limit is exceeded, the card will be banned from use on the plugin. Must be a value from 3 (default) to 5 attempts.
Banned cards are displayed in the Currently Banned Card Tokens list. To re-enable a banned card token, you can select it and click Delete Selected Tokenized Card(s) to remove it from the list. The default setting is 3 attempts.
- Rate limiting
This setting limits the number of payments a cardholder can attempt to make in a given amount of time. The default setting requires a minimum of 3 seconds between payments.
- Maximum order attempts
This setting limits the number of attempts to submit a payment for a given order. Must be a value from 3 (default) to 10 attempts.
See Configuring the WooCommerce Plugin for more information.
Additionally, we strongly recommend using the iFrame tokenization method for capturing customer payment card numbers. Select Enable IFRAME API on the WooCommerce> Settings >Payments tab to enable the Hosted iFrame Tokenizer on your checkout form for an additional layer of security. See Advanced Tokenization Settings for more information.
Note: If the security of your webpage becomes compromised, Fiserv reserves the right to disable your CardPointe merchant account.
- Upload plugin files to your plugins folder, or install using WordPress built-in Add New Plugin installer;
- Activate the plugin;
- Configure the plugin settings in WooCommerce > Settings > Payments > CardPointe
- Contact your sales representative for your merchant ID and credentials, and to activate your account for WooCommerce usage.
- Obtain ReCaptcha V2 keys for your site, from https://www.google.com/recaptcha/admin/ and enter them into the WooCommerce settings for this plugin.