by hakfoo
1241 days ago
Some gateways offer a more decoupled concept-- you can have one API account, but set it up to route the transactions to different processor accounts based either on predefined rules or an API field during the individual transaction. The nice thing about this is that you can still use the gateway's client-side stuff (i.e. the "embedded form" that reduces your PCI compliance scope) and a single API for all transactions. I'd think that would mitigate most of the risk, because then the gateway usually is a relatively neutral middleman-- the processors are more in contact with the actual money and more likely to be the true source of arbitrary and weird behaviour, so I can concur it makes sense to be less dependent on them.