Info for moving Adyen off of IFrame and onto Hosted Payment Page
Closed, Resolved, Public

Description

I wanted to get some information into the 'Phab' universe around what moving to Adyen's Checkout/hosted payment page options would entail:

  1. Adyen's dropin solution, which provides a single integration to support the vast majority of Adyen’s payment methods. You can find dropin docs here and view the full list of supported payment methods via dropin. You can see a full demo of Adyen dropin integration on this Adyen-hosted site - https://www.mystoredemo.io/#/

     https://docs.adyen.com/checkout/drop-in-web

     Supported methods: https://docs.adyen.com/checkout/supported-payment-methods

  2. Adyen also offers component-specific integrations. These function very similarly to dropin but only support 1 payment method. You can find the docs for Adyen component integrations available here. Components are great for merchants who only want to show a single method to the shopper or want more control over the payment method selection process.

     https://docs.adyen.com/checkout/components-web

Event Timeline

Putting this piece of info here as a follow-up to a call that DS and Elliott had with Adyen, since it is impactful to our consideration of which upgrade approach to take:

Since we last spoke, we did some researching on our end and found documentation from the Security Standards Council explaining how iFrames are PCI compliant and only require a SAQ-A. I have also confirmed internally that the Drop-in integration only requires a SAQ-A to be provided annually to Adyen. (PCI Standards Link)

Adyen came back to explain that Pay-by-Link won't work for us, so the Drop-in solution would be the way to go if we upgrade:

Hey Evelyn,

After discussing Wikimedia’s integration with our product team, I’m sorry to say we aren’t able to offer Pay By Link as a direct HPP replacement to Wikimedia. Our checkout team has positioned PbL as an integration add-on intended to fulfill specific use cases like email or chat messaging. Adyen feels confident that a native Drop-In solution will fit merchants' checkout flows better than a hosted PbL can while providing a better overall experience.

To give you a little more background behind the scenes at Adyen, Pay By Link is a much more resource intensive payment option which requires us to maintain and track the state of the payment link (as opposed to our components which are stateless). Because of our confidence in our Drop-In solution in place of HPP, PbL hasn’t been scaled to handle the type of volume Wikimedia would throw at it.

I know we talked a good deal about PbL on our call, so I am of course happy to answer any more questions you might have about our Drop-In solution as well. I also double checked with our compliance team who assured us that based on Adyen’s risk appetite, the SAQ A has been assessed as the most suitable documentation for our encrypted solutions (checkout) as all the credit card activities are outsourced to us. If your auditor has any more PCI related questions, we are happy to address those as well.

I am very sorry for the miscommunication on this issue initially!

Best,
Tyler