Twilio now supports PCI Compliant over the phone payment capturing with the Programmable Voice
<Pay> TwiML Verb! <Pay> is built on Twilio’s existing Programmable Voice product, and allows you to easily integrate a <Pay> Connector to securely process payments. Best of all, our PCI DSS Level 1 Compliance means that Twilio meets the highest compliance standards, so you don’t need to worry about compliance requirements.
Notice: The <Pay> TwiML Verb is currently in beta, and has not yet been finalized. For more information on Support limitations for beta products, please see our article Twilio Beta Product Support.
PCI Compliant Twilio Projects
To start using <Pay>, you will need to first enable PCI Mode on your Twilio project. You can make this change through the Twilio project Console.
Alert: This is a permanent change; we are unable to disable PCI Mode from your project. Because the PCI security requirements also restrict call data for troubleshooting, we recommend creating a new Twilio project specifically for collecting payments with <Pay>.
From your new project, here's how to enable PCI Mode:
- Login to your account at www.twilio.com/console.
- Click Programmable Voice .
- Click Settings.
- Click Enable PCI Mode.
Payment Gateway Connectors
<Pay> Connectors are Twilio project add-ons that allow you to process payments for credit card information collected with <Pay> through a payment gateway provider. Our launch payment gateway connector is Stripe, with other connectors coming in the future. Connectors can be added to your project from Console, and just require you to enter your account information. For a more detailed walkthrough of setting up a payment gateway, please see <Pay> Connectors (Twilio Docs).
Where is <Pay> Supported?
The <Pay> verb works in any country that meets the following two criteria:
- Twilio offers phone numbers from this country.
- The Payment Gateway accepts payments from this country.
Note: Stripe's international capabilities can be found at stripe.com/global.
How Does <Pay> Work?
Using <Pay> takes the hassle out of collecting and processing credit card information. All of the credit card number, expiration date, and security code input commands are automated with <Pay> - you'll just need to call out the parameters for how much to charge, and which <Pay> Connector to use. You can find the full list of parameters, along with code samples at TwiML Voice: <Pay> (Twilio Docs).
Collect a Payment with <Pay>
To request and process a payment over the phone, you’ll need to respond to a Twilio request for TwiML with the <Pay> verb. Here’s an example of what a <Pay> payment request TwiML script might look like:
<Say>Your amount due is $29.99. Payment processing will begin now.</Say>
This example reads the
<Say> message, and then request credit card information for the $29.99 specified in the
chargeAmount parameter, and try to process this payment via payment connector named
twloStripe. Once the payment information has been collected, it will be processed with twloStripe; the result from this processing will be sent in a callback to the
action parameter url where you can respond by advising the caller if the payment failed or was successful.