I’m working on the PCI DSS compliance for a client of mine, and I’m trying to find the least-restrictive SAQ which the client will need to complete. Can my client implement the Dwolla API on the client-side through JS to avoid having cardholder data transit their servers or will it need to transit their servers to send it to Dwolla?
The Dwolla network doesn’t connect up with credit cards. More info on that here: help.dwolla.com
If you’re looking to work with bank accounts over ACH, we have options in our white label product to avoid having the account and routing numbers hit your server.