In order to be eligible for the easiest level of PCI compliance – SAQ A – certain payment fields on the checkout page must be hosted securely. This requires you to host the information on an external payment gateway's domain and present the fields to your users in a frame or with a redirect.

Braintree's Hosted Fields solution accomplishes this by rendering an iframe to handle input of the following payment fields on your checkout page:

  • Card number
  • CVV
  • Expiration date
  • Postal code

This provides you with the ability to customize the look and feel of your web page while ensuring that you are compliant with PCI requirements.


Here's an example of a configured Hosted Fields integration. Hosted Fields is incredibly flexible and can be styled an infinite number of ways.

See more examples of Hosted Fields integrations.


  • SAQ A compliant
  • Collect postal code for AVS
  • Customize the checkout behavior and use your existing styles and layout
  • Allows you to localize/translate your checkout

Browser support

Learn more about browser support for v3 of our JavaScript SDK.

Next: Setup and Integration →

Still have questions?

If you can’t find an answer, contact our Support team.