Going live

In order to user Hyperswitch for accepting digital payments through a consumer facing website or mobile application there are three main prerequisites

Resources

Account with cloud service provider (AWS/ GCP) to host Hyperswitch application
Contractual relationship and active processing account with payment processor or acquirer (this will be in the form of API keys or merchant identifier)

Technical Know How

For deploying and managing application using Kubernetes
Handling a Web application written in Rust using Postgres (primary datastore), Redis (distributed key-value store for cached lookups), Prometheus/Grafana (monitoring), S3/CDN (serving static files)

Ensuring Compliance

Refer here to find out which level of PCI compliance applies to your business.

Report on Compliance (ROC): Engage an independent third-party Qualified Security Assessor (QSA) certified by the PCI-SSC to perform the PCI audit and share the findings. The ROC will be prepared by the QSA at the end of the PCI compliance activity. This is required only if your online business processes greater than 1 million card transactions per annum.

Quarterly Network scans: Engage an Approved Scanning Vendor for conducting quarterly network scans and submitting the scan reports to the payment processor/ acquirer

Self Assessment Questionnaire (SAQ): This is an assessment which can be self-completed by a business without engaging an Independent PCI Auditor, if your business processes less than 1 million card transactions per annum. A person responsible for the payment infrastructure within your organization fills out the SAQ. This could be the stakeholder who is the closest to your payment infrastructure - your Dev Ops Manager, or Information Security Officer, or CTO.

Go live checklist:

Here's a quick summary of everything you would need for going live with Hyperswitch:

Prerequisites

Go live checklist:

Monitoring

PCI Compliance

Security

Integrate with your app

Infra