VevoPay Payment Application

The PCI and PA-DSS Compliant Payment Application


VevoPay is an ASP.NET payment application that meets all PCI DSS requirements (PCI Data Security Standard). It has been audited and certified by the official qualified assessor for PA-DSS compliance (formally PABP/CISP compliance).
Why Use VevoPay?
Payment gateway integrations are critical to e-commerce stores. A lot of development resources are needed on custom integrations for each e-commerce store. VevoPay helps cutting down development time by pre-integrated with major payment gateways and define common programming interfaces.

Equally important, VevoPay is PCI compliance. It is also audited and certified PA-DSS compliance by the official qualified assessor. VevoPay runs as a separated web application. So, your e-commerce store does not need to be PCI compliance. You can see more details in PCI Compliant page.

Currently, there are a lot of open-source and commercial e-commerce solutions that claim to be PCI compliance without going through the official PA-DSS certification process. However, some of the solutions we have tested do not pass even the simplest PCI DSS requirements.

VevoPay contributors have integrated VevoPay into nopCommerce. By using VevoPay, the users of nopCommerce will be assured that they are compliant with PCI and PA-DSS security standard on the software side. Please see more information in Integration with Popular Shopping Carts.

For more information on PCI and PA-DSS, please see the article on PCI Compliant page.
VevoPay Feature Highlights
  • PCI and PA-DSS compliance.
  • VevoPay runs separately from your e-commerce store to minimize the PCI scope. You e-commerce store does not need to be PCI compliance.
  • Process credit card payments from major payment gateways.
  • Process account-based payment gateways, such as PayPal Standard and Google Checkout.
  • Support offline credit card number storage for manual processing.
  • Support recurring payments for PayPal Website Payments Pro US.
  • Support Address Verification System (AVS).
  • Web-based administration to manage Admin users, configurations, and encryption key.
  • Integration with popular e-commerce and shopping cart solutions, such as nopCommerce, by user contributions.
VevoPay Dataflow Overview
VevoPay is designed to allow seamless integration with the regular checkout flow of an e-commerce store.

Credit card data will be handled by VevoPay and sent to the payment gateways for processing. The data will not be received by the e-commerce store.

The diagram below shows regular checkout flow when using VevoPay to process credit cards.

VevoPay Process

  • 1)   The customer starts the checkout process on the e-commerce website and enters the payment stage.
  • 2)   The e-commerce store sends request to VevoPay to display credit card entry form.
  • 3)   Both e-commerce store and VevoPay display web pages on the customer's browser. The e-commerce store will display the outer components, such as header, footer, sidebars, while VevoPay will display credit card entry form.
  • 4)   The customer enters credit card data to VevoPay page.
  • 5)   The customer continues the checkout steps. He finally confirms the purchase.
  • 6)   The e-commerce website notifies VevoPay to charge the payment.
  • 7)   VevoPay sends the command to the payment gateway along with credit card data to charge the payment.
The scope of PCI compliance will be only limited to VevoPay and its related environment, but not include the e-commerce store. Please see PCI Compliant page for more information.
© 2006-2024 Vevo Systems Co., Ltd. All Rights Reserved.
Built For Success - Powered by VevoCart