• General Integration
  • Consumer Payments
  • Consumer Billing
  • Healthcare
  • Claims Settlement

Consumer Payments

  • Consumer Initiated Payments
  • Staff Initiated Payments
  • Payment Plans
  • Tokenization
  • Automatic Payment Collection
    • Automatic Payments Enrollment
    • Automatic Payments Trigger
      • Balance File Specification
      • Balance File Acknowledgement
    • Auto Payment Collect Batch Enrollment
      • Batch Unenrollment
    • Automatic Payments Sign Up File
  • Receipts
  • Voids
  • Refunds
  • Payment Posting
    • Polling Payment Response
    • Posting File Formats
      • EOD Posting File 1.4
      • EOD Posting File 1.3
      • EOD Posting File 1.2.2
      • EOD Posting File 1.2/1.2 CR
      • EOD Posting File 1.2.1
      • EOD Posting File 1.1/1.1 CR
      • EOD Posting File 1.1.1
      • EOD Posting File 1.0
      • EOD Posting File X12 835 1.0
      • EOD Posting File X12 835 2.0
      • EOD Posting File Lockbox A
      • EOD Posting File Lockbox A1.1
      • EOD Posting File Lockbox B
      • EOD Posting File Lockbox C
      • EOD Posting File Lockbox C v2
      • EOD Posting File Lockbox D
      • EOD Posting File Lockbox E
      • EOD Posting File Lockbox F
      • EOD Posting File Lockbox G
      • EOD Posting File Lockbox G v2
      • EOD Posting File LockBox H
      • EOD Posting File Lockbox I v1
      • Member Payments EOD Posting File v1.0
      • Payment Deposit File
    • Webhook
    • Payment Transaction Import
      • Payment Transaction Import Data Fields
      • IDF Acknowledgement Data Fields
  • PCI Compliance
    • Recommended Options for PCI Compliance
    • Software Development Impact of PCI Compliance
    • Hosting Impact of PCI Compliance
    • P2PE Devices
  • Consumer Profile
    • Consumer Experience
    • Staff Experience
  • Digital Wallet
  • Member Payments
    • Manage Member Payment Methods
    • New Member Payment
    • View Member Payment History
    • View Member Payment Receipt
    • Member Payments Webhook
  • Member Effectuation
  • Request Sandbox API Key
  • Contact
  • Terms of Service
Skip to content
InstaMed Developer Portal
  • General Integration
  • Consumer Payments
  • Consumer Billing
  • Healthcare
  • Claims Settlement
  • Consumer Initiated
    • In App Apple Pay
  • Staff Initiated
  • Payment Plans
  • Tokenization
  • Automatic Payment Collection
    • Enrollment
    • Trigger
      • Balance File Specification
      • Balance File Acknowledgement
    • Batch Enrollment
      • Batch Unenrollment
    • Sign Up File
  • Receipts
  • Voids
  • Refunds
  • Payment Posting
    • Polling Payment Response
    • Posting File Formats
      • EOD Posting File 1.4
      • EOD Posting File 1.3
      • EOD Posting File 1.2.2
      • EOD Posting File 1.2/1.2 CR
      • EOD Posting File 1.2.1
      • EOD Posting File 1.1/1.1 CR
      • EOD Posting File 1.1.1
      • EOD Posting File 1.0
      • EOD Posting File X12 835 1.0
      • EOD Posting File X12 835 2.0
      • EOD Posting File Lockbox A
      • EOD Posting File Lockbox A1.1
      • EOD Posting File Lockbox B
      • EOD Posting File Lockbox C
      • EOD Posting File Lockbox C v2
      • EOD Posting File Lockbox D
      • EOD Posting File Lockbox E
      • EOD Posting File Lockbox F
      • EOD Posting File Lockbox G
      • EOD Posting File Lockbox G v2
      • EOD Posting File LockBox H
      • EOD Posting File Lockbox I v1
      • Member Payments EOD Posting File v1.0
      • Payment Deposit File
    • Webhook
    • Payment Transaction Import
      • Payment Transaction Import Data Fields
      • IDF Acknowledgement Data Fields
  • PCI Compliance
    • Recommended Options
    • Software Development Impact
    • Hosting Impact
    • P2PE Devices
  • Consumer Profile
    • Consumer Experience
    • Staff Experience
  • Digital Wallet
  • Member Payments
    • Manage Payment Methods
    • New Payment
    • View Payment History
    • View Receipt
    • Webhook
  • Member Effectuation
  • Request Sandbox API Key
  • Contact
  • Terms of Service

Hosting Impact of PCI Compliance

PCI security standards apply to Hosting Providers and Merchants that accept payments

SAQ Levels

The PCI security standards have created three levels of security and compliance for merchants that use eCommerce applications (card not present). These three levels correspond to the following self-assessment questionnaires (SAQ):

  • SAQ A
    Integration Difficulty Level: LOW
    Compliance Difficulty Level: LOW 
    Use InstaMed’s Recommended PCI Compliant Options
  • SAQ D 
    Integration Difficulty Level: HIGH
    Compliance Difficulty Level: HIGH
    Build your own user interface and use web services without Client Side Encryption to leverage InstaMed’s payment solutions.

Read more about distinctions and impacts of SAQ levels.

SAQ A Requirements

  1. Do not use vendor-supplied defaults for system passwords and other security parameters
  2. Identify and authenticate access to system components
  3. Restrict physical access to cardholder data

Full details of SAQ A

SAQ D Requirements

  1. Install and maintain a firewall configuration to protect data
  2. Do not use vendor-supplied defaults for system passwords and other security parameters
  3. Protect stored cardholder
  4. Encrypt transmission of cardholder data across open, public networks
  5. Protect all systems against malware and regularly update anti-virus software or programs
  6. Develop and maintain secure systems and applications
  7. Restrict access to cardholder data by business need to know
  8. Identify and authenticate access to system components
  9. Restrict physical access to cardholder data
  10. Track and monitor all access to network resources and cardholder data
  11. Regularly test security systems and processes
  12. Maintain a policy that addresses information security for all personnel

Full details of SAQ D

Build a better healthcare payments experience with InstaMed

Talk With an InstaMed Expert
  • Contact
  • Terms of Service

InstaMed is a wholly owned subsidiary and is a registered MSP/ISO of JPMorgan Chase Bank, N.A. Additionally, InstaMed is a registered ISO of Wells Fargo Bank, N.A., Concord, CA; a registered ISO of U.S. Bank, N.A.; and a registered MSP/ISO of Elavon, Inc. Georgia.

  • Facebook
  • Twitter
  • RSS
  • LinkedIn
  • YouTube

© 2021 JPMorgan Chase & Co. All rights reserved.Privacy StatementTerms of Use