ISV FAQ

Our Most Frequently Asked Questions

How long does it take to integrate to Paragon?

The Paragon interface was built to support standard XML and web services interfaces such as WSDL. This robust and flexible design allows for a quick and easy integration. In addition, our Service Oriented Architecture means we can easily add new features, such as support for new security requirements, to our interface without requiring our software partners to change a single line of code once integration has been completed. 

What languages and platforms does the API support?

Our API is language- and platform-independent, so developers are free to use whatever language and platform with which they feel most comfortable. Two interface options with identical functionality are also provided: an XML POST option and a SOAP Web Service option.

What is Tokenization?

Tokenization works by moving actual cardholder data offsite to a PCI DSS compliant storage facility. Paragon’s servers work to create and then return a unique reference pointer (or token) to the software application. Using the token (which contains no actual cardholder data itself), customers can bill a card on file and schedule automatic payments.

What is Card Account Updater?

Card Account Updater gives customers the option to seamlessly update stored cards on file for reasons such as expired or lost/stolen cards that have been replaced with new card numbers.

What is Point-to-Point Encryption?

Point-to-point encryption (P2PE) technology ensures sensitive credit and debit card data is protected from first card swipe or key-entry, while in transit, all the way to the payment processor. We support the most advanced encrypting devices, allowing for point-to-point encryption of cardholder data.

What hardware devices does Paragon support?

We support a wide array of encrypting card reading devices, from simple card readers to driverless PIN pads to all-in-one devices.

What is PCI DSS?

This is an acronym for the Payment Card Industry Data Security Standard. The PCI DSS is a set of security standards that were created by the major credit card companies (American Express, Discover Financial Services, JCB, MasterCard Worldwide, and Visa International) to protect their customers from identity theft and security breaches. Under the PCI DSS, a business or organization should be able to assure their customers that its credit card data/account information and transaction information is safe from hackers or any malicious system intrusion. There are 12 key requirements to achieving PCI DSS compliance.

What is PA-DSS?

This is an acronym for the Payment Application Data Security Standard. The PA-DSS is a set of security standards created by the PCI Security Standards Council for software distributed software applications that store, process or transmit payment cardholder data as part of authorization or settlement. To stay in scope of PA-DSS, software providers must undergo the process of validating their application or applications.  There are 14 key requirements to achieving PA-DSS compliance.

What does it mean that Paragon is a Level 1 PCI DSS compliant facility?

Our systems have gone through an extensive security audit by a QSA (Qualified Security Assessor) which has deemed that the Paragon Processing Platform meets industry security standards.

What is a validated service provider?

Both issuers and merchant banks must use, and are responsible for ensuring that their merchants use, service providers that are compliant with the PCI DSS. Validated service providers must conduct an annual on-site PCI security assessment and perform quarterly network scans audited by a Qualified Security Assessor (QSA).

Contact Us

Ready to see our API or open a test account?  Looking for more information on our Partner Programs?  A Merchant with a question?  We are here to help!

Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt

Start typing and press Enter to search

Skip to content