Developer Discussions
Query Regarding PCI DSS Requirements with Maya Vault Integration
Hi Maya Team,
We are in the process of integrating Maya Vault for our subscription services and had a few questions regarding PCI DSS compliance.
We want to collect card details securely without having to handle PCI DSS scope on our backend. Could you please confirm the following:
Can we use the Maya JavaScript SDK (e.g., createCreditCardForm) to securely collect and tokenize card details directly in the browser?
If we use the SDK and card details are sent directly to Maya’s servers without passing through our backend, does that remove our application from PCI DSS scope?
Are there any specific frontend implementation guidelines we should follow to stay compliant?
Looking forward to your confirmation so we can proceed with a secure and compliant integration.
Best regards,
Nisar