My company recently landed a merchant account but the merchant processor we use has a very limited payment gateway module for processing sales through our shopping cart. One of the big negatives if that that it can't authorize first but simply capture only. This is bad for us. BUT worse than that, the cart is not communicating properly with their payment gateway module and details are being sent. The merchant has basically told us that the gateway is limited and if we hate it, we need to look elsewhere for better gateway gateway solutions.

I'd love to use a payment gateway system that I am familiar with like Authorize dot net but Authorize dot net uses direct checkout and my website is not currently PCI complaint, a requirement of my merchant processor. I guess the majority of sites just turn on Authorize dot net and take sales without giving any thought to PCI complaint regulations? I know I didn't for years but want to do it right this time so we don't loose this current merchant processor.

I've been looking into PCI complaint rules and the process takes a lot of time, so I'm seeking an alternative for now.

Recently, I've researched using iframes for checkouts and really like this as a solutions. Obviously with this, the credit card form appears as if it is onsite but it is actually an offsite form shown through an iFrame. Cool! The idea of mimicking the onsite appearance, still means that I'm not hosting the credit card form which should reduce PCI issues.

The problem is, I can't find any payment gateways like Authorize dot net, PayJunction, that are iframe compatible? I hear that 2checkout is iframe on a lot of sites but 2checkout is really a merchant processor and gateway in one like PayPal. I really need to find a payment gateway that can work with my processor and also be iframe compatible.

Does anybody know of any? Any suggestions are greatly appreciated.