Secure Payment Page

To help you comply with the Payment Card Industry Data Security Standard (PCI DSS), the program uses a secure payment page to process biographical billing information and payment information for the Advanced Donation Form, Event Registration Form, Membership Form, and Payment 2.0 parts. The program also uses it to secure credit card updates for the Transaction Manager part. Users enter the information on a secure payment web page that is hosted on a separate Blackbaud server from your website.

Note: Whether you host your site or Blackbaud hosts your site, the secure payment page on the hosted Blackbaud server processes credit card payments only.

When a user submits a credit card payment on the Payment 2.0 part, the user navigates through a series of pages. First, a user enters the amount and biographical information on your site. When the page is complete, the user clicks Check out.

The program uses the style sheet, layout, template, and page for desktop browsers and mobile devices to display the secure payment page on the Blackbaud server. On this page, the user enters billing and payment information, such as credit card details.

Note: Your organisation can use the Template 1.0 static page or Template 2.0 responsive page for your secure payment page. However, if you are using the static page, we recommend you upgrade to the responsive page to provide an optimal experience for website users on various devices. For information about upgrading an individual static secure payment page to a responsive one, refer to Upgrade a Blackbaud secure payment page. For information about upgrading all static secure payment pages, across all of your websites at the same time, refer to Secure payment page template update.

To complete the transaction, the user clicks Pay now. The secure payment page uses Blackbaud Payment Service to transmit the users’s information and process the credit card transaction. For more information about Blackbaud Payment Service, see the Payment Application Data Security Standards Implementation Guide.

Warning: Your code tables in Blackbaud CRM for countries and their subdivisions, such as counties and provinces, must follow the International Organisation for Standardisation’s ISO 3166 standards. The secure payment page uses ISO 3166-1 for countries and ISO 3166-2 for subdivisions such as counties. If your code tables do not match these standards, Blackbaud Secure Payment changes selections to the closest abbreviation when it processes transactions, and this can lead to incorrect address information. For example, if your countries table includes “United Kingdom,” The secure payment page changes this to the United States abbreviation “US” because it is the closest abbreviation to “Un.” In ISO 3166-1, the abbreviation for the United Kingdom is “GB,” and your code table must match this. For information about how to edit your code tables in Blackbaud CRM for countries and their subdivisions, see the Administration Guide.