Re: [External Sender] Guidance regarding secured/hosted fields for PCI (Payment Card Industry) Compliance

Usually, unless you do something unusual and/or complicated, sticking to
the HTML standards (programmatically associated form labels,
fieldset/legend for groups, titles for iframes), will be fairly compliant.

On Mon, Nov 19, 2018 at 1:37 PM Beth Martin <martin.bethann@gmail.com>
wrote:

> Hello,
>
> I'm looking for some additional guidance regarding secure fields needed
> for PCI (Payment Card Industry) compliance for ecommerce.  Payment
> providers now offer a solution for a higher level of conformance where each
> payment field (credit card number, CVV, and expiration date) is a
> DOM-injected iframe, comprising of a `label`, `input`, error validation,
> styling, and focus management.  These iframed fields are referred as
> "secure fields" or "hosted fields".
>
> We are working with our payment provider to improve their markup, however,
> if they followed all form and iframe related guidelines, would there be any
> other concerns regarding accessibility?
>
> Thanks!
>
> Beth Martin
>


-- 
*Brian Lovely*
Digital Accessibility
804.389.1064
________________________________________________________

The information contained in this e-mail is confidential and/or proprietary to Capital One and/or its affiliates and may only be used solely in performance of work or services for Capital One. The information transmitted herewith is intended only for use by the individual or entity to which it is addressed. If the reader of this message is not the intended recipient, you are hereby notified that any review, retransmission, dissemination, distribution, copying or other use of, or taking of any action in reliance upon this information is strictly prohibited. If you have received this communication in error, please contact the sender and delete the material from your computer.