{"_id":"5c6c238ff7d5480039535565","category":{"_id":"5c6c238ff7d548003953555d","version":"5c6c238ff7d54800395355a0","project":"57336fd5a6a9c40e00e13a0b","__v":0,"sync":{"url":"","isSync":false},"reference":false,"createdAt":"2015-10-01T16:04:11.135Z","from_sync":false,"order":0,"slug":"welcome","title":"Quickstart"},"user":"560d5913af97231900938124","parentDoc":null,"project":"57336fd5a6a9c40e00e13a0b","version":{"_id":"5c6c238ff7d54800395355a0","project":"57336fd5a6a9c40e00e13a0b","__v":1,"forked_from":"5beb278ac442ab0213f009cf","createdAt":"2018-04-23T14:36:48.535Z","releaseDate":"2018-04-23T14:36:48.535Z","categories":["5c6c238ff7d548003953555d","5c6c238ff7d548003953555e","5c6c238ff7d548003953555f","5c6c238ff7d5480039535560","5c6c238ff7d5480039535561","5c6c238ff7d5480039535562","5beb278ac442ab0213f00990","5c6c238ff7d5480039535563","5c3f542c12c4ac004bc51718","5c928dba4aa821001ae4f050"],"is_deprecated":false,"is_hidden":false,"is_beta":false,"is_stable":true,"codename":"Main","version_clean":"8976.0.0-Basics","version":"8976-Basics"},"githubsync":"","__v":0,"metadata":{"title":"","description":"","image":[]},"updates":[],"next":{"pages":[],"description":""},"createdAt":"2015-10-15T15:08:55.765Z","link_external":false,"link_url":"","sync_unique":"","hidden":false,"api":{"results":{"codes":[]},"settings":"","auth":"required","params":[],"url":""},"isReference":false,"order":1,"body":"In this tutorial, we're going to create a basic payment form and set it up to use BlueSnap's [Hosted Payment Fields](/v8976-Tools/docs/hosted-payment-fields). This will limit your PCI compliance burden to the simplest SAQ-A level, because sensitive payment data will never hit your server.\n\nWhen you're using Hosted Payment Fields, the credit card number, CVV, and expiration date are all saved directly to BlueSnap servers and associated with a token. Then you can use that token to process payments or save shopper details.\n[block:callout]\n{\n  \"type\": \"info\",\n  \"body\": \"If you already have a checkout page or app where shoppers can enter their payment information, you can jump ahead to [charging a card](doc:make-a-payment-payment-api).\"\n}\n[/block]\n##Basic checkout form\nTo begin, let's look at a typical checkout form *without *Hosted Payment Fields: \n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<!DOCTYPE html>\\n<html>\\n\\n<head>\\n  <meta charset=\\\"UTF-8\\\">\\n</head>\\n\\n<body>\\n\\n<form action=\\\"\\\" method=\\\"POST\\\" id=\\\"checkout-form\\\">\\n  \\n  <div>\\n\\t  <label for=\\\"creditCard\\\">Card Number</label>\\n\\t  <input type=\\\"text\\\" name=\\\"creditCard\\\" id=\\\"creditCard\\\">\\n  </div>\\n \\n  <div>\\n\\t  <label for=\\\"cvv\\\">Security Code</label>\\n\\t  <input type=\\\"text\\\" name=\\\"cvv\\\" id=\\\"cvv\\\">\\n  </div>\\n  \\n  <div>\\n    <label for=\\\"Expiration\\\">Exp. (MM/YYYY)</label>\\n      <input type=\\\"text\\\" name=\\\"exp-month\\\" id=\\\"exp-month\\\" size=\\\"2\\\">\\n      <span> / </span>\\n      <input type=\\\"text\\\" name=\\\"exp-year\\\" id=\\\"exp-year\\\" size=\\\"4\\\">\\n  </div>\\n\\n  <button type=\\\"submit\\\" id=\\\"submit-button\\\">Buy Now</button>\\n  \\n</form>\\n</body>\\n\\n</html>\",\n      \"language\": \"html\",\n      \"name\": \"Sample checkout form\"\n    }\n  ]\n}\n[/block]\nThe input fields in this sample include the basic required information that you typically have to provide to BlueSnap's API in order to process a credit card payment.\n\nHowever, if you have the shopper's sensitive credit card data sent directly to your server, you will be responsible for a high PCI compliance level, which most merchants prefer to avoid.\n\nTherefore you likely want to use [Hosted Payment Fields](/v8976-Tools/docs/hosted-payment-fields), as we will describe in this tutorial. Alternatively, you can implement [Client-side encryption](doc:client-side-encryption). \n\nIf you’re setting up a new shopper, we recommend that you add a shopper approval box to your checkout page so they have the opportunity to provide their consent to store their payment details; for example:\n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/c8a0ea2-Store_my_card.png\",\n        \"Store my card.png\",\n        282,\n        22,\n        \"#e1e1e0\"\n      ]\n    }\n  ]\n}\n[/block]\nFor more information, see [Card on File](doc:card-on-file).\n\n<a class=\"btn btn-primary\" href=\"#\" role=\"button\">Back to Top</a>\n\n## Implementing Hosted Payment Fields\nFollow the steps [here](https://developers.bluesnap.com/v8976-Tools/docs/hosted-payment-fields) to implement Hosted Payment Fields in your checkout form.\n\n##Next: Start processing payments\nNow that you have a way to collect shopper payment information and get it to your server, you can jump right into processing your first payments. Refer to [Charge a card (Payment API)](doc:make-a-payment-payment-api).","excerpt":"Follow this tutorial to build your first checkout form, where you can collect payment information from your shoppers.","slug":"build-a-form","type":"basic","title":"Build a Checkout Form"}

Build a Checkout Form

Follow this tutorial to build your first checkout form, where you can collect payment information from your shoppers.

In this tutorial, we're going to create a basic payment form and set it up to use BlueSnap's Hosted Payment Fields. This will limit your PCI compliance burden to the simplest SAQ-A level, because sensitive payment data will never hit your server.

When you're using Hosted Payment Fields, the credit card number, CVV, and expiration date are all saved directly to BlueSnap servers and associated with a token. Then you can use that token to process payments or save shopper details.

If you already have a checkout page or app where shoppers can enter their payment information, you can jump ahead to charging a card.

Basic checkout form

To begin, let's look at a typical checkout form without Hosted Payment Fields:

<!DOCTYPE html>
<html>

<head>
  <meta charset="UTF-8">
</head>

<body>

<form action="" method="POST" id="checkout-form">
  
  <div>
	  <label for="creditCard">Card Number</label>
	  <input type="text" name="creditCard" id="creditCard">
  </div>
 
  <div>
	  <label for="cvv">Security Code</label>
	  <input type="text" name="cvv" id="cvv">
  </div>
  
  <div>
    <label for="Expiration">Exp. (MM/YYYY)</label>
      <input type="text" name="exp-month" id="exp-month" size="2">
      <span> / </span>
      <input type="text" name="exp-year" id="exp-year" size="4">
  </div>

  <button type="submit" id="submit-button">Buy Now</button>
  
</form>
</body>

</html>

The input fields in this sample include the basic required information that you typically have to provide to BlueSnap's API in order to process a credit card payment.

However, if you have the shopper's sensitive credit card data sent directly to your server, you will be responsible for a high PCI compliance level, which most merchants prefer to avoid.

Therefore you likely want to use Hosted Payment Fields, as we will describe in this tutorial. Alternatively, you can implement Client-side encryption.

If you’re setting up a new shopper, we recommend that you add a shopper approval box to your checkout page so they have the opportunity to provide their consent to store their payment details; for example:

For more information, see Card on File.

Back to Top

Implementing Hosted Payment Fields

Follow the steps here to implement Hosted Payment Fields in your checkout form.

Next: Start processing payments

Now that you have a way to collect shopper payment information and get it to your server, you can jump right into processing your first payments. Refer to Charge a card (Payment API).