Membership auto-renewal on web and PCI DSS compliance

Hi everyone,

I am trying to better understand how we might approach an auto-renewal program for web gifts and remain PCI DSS compliant. We built a custom website and credit card data entered by the customer passes through the payment gateway to Vantiv (to do its thing) and then our processor (to do its thing). We do not store credit card data in Tessitura.

I'd love to hear how you've implemented auto-renewal on your website. How do you tokenize the credit card data used in the transaction? Do you offer payment management functionality? If so, what was your approach?

Thank you!

  • We're trying to sort through how that would work if we went to tokenization, and we've been distressed to find out that most of the companies that offer it have very limited ability to re-use a tokenized card (often only for refunds of specific orders), and they tend to purge cards very quickly (i.e. 3 months or so). This is probably okay if you're buying widget X from Amazon with a 90-day return policy, but it's not okay when you can buy a ticket to a performance up to 16 months ahead of the date (which is quite possible for us).