Recommended Options for PCI Compliance

Reduce your compliance costs by using InstaMed’s recommended options


Any system that has access to cardholder data or unencrypted credit card number is subject to PCI compliance requirements. This includes any website or application where:

  • Users key in card numbers directly into your application (including websites where the data is encrypted later)
  • Users input card numbers using unencrypted devices

You can avoid touching credit cards by using encrypted card entry devices or using InstaMed options that handle card numbers for you.

Staff Facing Application

Consumer Facing Applications


InstaMed supports other configurations where you can maintain your own PCI compliance. 

Staff-Facing Application

  • REST, SOAP or NVP API with unencrypted card readers
  • REST, SOAP or NVP API with card numbers manually keyed into your application

Consumer-Facing Application

  • REST, SOAP or NVP API with consumers keying card numbers directly into your application