For On-Prem Setup
To use Hyperswitch for accepting digital payments through a consumer-facing website or mobile application, there are three main prerequisites:
Resources
Account with a cloud service provider (AWS/GCP/Own Cloud) to host the Hyperswitch application
Contractual relationship and active processing account with a payment processor or acquirer (this will be in the form of API keys or a merchant identifier)
Technical Know How
For deploying and managing applications using Kubernetes
Handling a Web application written in Rust using Postgres (primary datastore), Redis (distributed key-value store for cached lookups), Prometheus/Grafana (monitoring), S3/CDN (serving static files)
Ensuring Compliance
Report on Compliance (ROC): Engage an independent third-party Qualified Security Assessor (QSA) certified by the PCI-SSC to perform the PCI audit and share the findings. The ROC will be prepared by the QSA at the end of the PCI compliance activity. This is required only if your online business processes greater than 1 million card transactions per annum.
Self Assessment Questionnaire (SAQ): This is an assessment which can be self-completed by a business without engaging an independent PCI auditor, if your business processes fewer than 1 million card transactions per annum. A person responsible for the payment infrastructure within your organization fills out the SAQ. This could be the stakeholder who is closest to your payment infrastructure: your DevOps Manager, Information Security Officer, or CTO.
Here's a quick summary of everything you would need for going live with Hyperswitch:
Set up an outgoing proxy outside the Kubernetes cluster for all external communication originating from the Hyperswitch application.
Direct all outbound traffic through this proxy for monitoring and control purposes.
Route incoming traffic to the Hyperswitch-server through an incoming proxy.
This proxy should handle traffic filtering (WAF), rate limiting, request validation, and integration with DDoS protection services before traffic reaches the Kubernetes cluster.
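The outbound rule above can be enforced inside the cluster so that pods cannot bypass the proxy. The following Kubernetes NetworkPolicy is an added example, not part of the Hyperswitch documentation; the namespace, pod label, proxy address and proxy port are assumptions, and it assumes Postgres and Redis run in the same namespace as the server.

```yaml
# Added example. Namespace, labels, proxy address and port are assumptions;
# replace them with the values used in your deployment.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: hyperswitch-egress-via-proxy
  namespace: hyperswitch              # assumed namespace
spec:
  podSelector:
    matchLabels:
      app: hyperswitch-server         # assumed pod label
  policyTypes:
    - Egress                          # anything not listed below is denied
  egress:
    # Cluster DNS lookups
    - to:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: kube-system
          podSelector:
            matchLabels:
              k8s-app: kube-dns
      ports:
        - protocol: UDP
          port: 53
        - protocol: TCP
          port: 53
    # In-cluster dependencies (Postgres, Redis) in the same namespace
    - to:
        - podSelector: {}
    # The outgoing proxy outside the cluster: the only external destination
    - to:
        - ipBlock:
            cidr: 203.0.113.10/32     # placeholder proxy address (TEST-NET-3)
      ports:
        - protocol: TCP
          port: 3128                  # assumed proxy port
```

A NetworkPolicy only takes effect when the cluster's network plugin enforces it. If Postgres or Redis are hosted outside the cluster, add a separate ipBlock rule for each of them instead of widening the proxy rule.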
You are good to go to run Hyperswitch in production and provide your customers with a safe, reliable, and smooth payment experience.
to find out which level of PCI compliance applies to your business.
Quarterly network scans: Engage an for conducting quarterly network scans and submitting the scan reports to the payment processor/acquirer
The above installation guides include vault as well, but you will need to activate the vault by following the steps mentioned in .
Hyperswitch does not share card BIN data automatically. BIN (Bank Identification Number) data helps identify the card issuer, card type, and country of issuance. This is available as an add-on service. Reach out to us at to access.
Aggregate your logs across instances and (e.g. Grafana Loki) for storing and viewing your logs
If you are storing card data make sure your as per our instructions.
To access the PCI Attestation of Compliance (AOC) document on Hyperswitch, simply navigate to the Compliance section under settings in the Hyperswitch Dashboard. If you need further assistance, you can also email at
Make sure your application (Frontend/Backend) is set up to handle all the
Keep track of new releases/bug fixes and make sure to
Make sure your (api-key) is not exposed on the front-end (website/mobile app).
on our dashboard to receive notifications for different events.
Update Hyperswitch’s webhook endpoints on your connector’s Dashboard. for detailed instructions.
Make sure your API integration is set up to handle all the possible error scenarios (refer this ).
Ensure your Unified Checkout (SDK) integration is set up to handle all the possible error scenarios (refer this ).
For more details, kindly refer to the .
Ensure a blended look and feel of the payment experience using the of Unified Checkout.
On Kubernetes
On AWS