Hosted Fields


In order to be eligible for the easiest level of PCI compliance - SAQ A - certain payment fields on the checkout page must be hosted securely. This requires you to host the information on an external payment gateway's domain and present the fields to your users in a frame or with a redirect.

Our Hosted Fields solution accomplishes this by rendering an iframe to handle input of the following payment fields on your checkout page:

  • Card number
  • CVV
  • Expiration date
  • Postal code

This provides you with the ability to customize the look and feel of your web page while ensuring that you are compliant with PCI requirements.


Here's an example of a configured Hosted Fields integration. Hosted Fields is incredibly flexible and can be styled an infinite number of ways.

If you're upgrading from the custom integration, see our upgrading from custom guide.

Hosted Fields is built for merchants who want SAQ A eligibility and control over the styling and layout of their page. If you are looking for a quicker way to start accepting payments and are not concerned with customizability, see our Drop-in integration.

Hosted Fields vs. Drop-inanchor

Here's a general overview of the differences between custom with Hosted Fields and the Drop-in integration.

Custom with Hosted Fields Drop-in
  • SAQ A PCI compliant
  • Create your own payment form using your existing styles and layout
  • Customize the behavior and experience of your checkout
  • SAQ A PCI compliant
  • Fastest way to integrate with Braintree
  • Pre-formatted payment form
  • Includes PayPal button ¹

¹ When enabled in your Control Panel. See Enter your PayPal credentials in the Braintree Control Panel.

Browser supportanchor

Learn more about browser support for v2 of our JavaScript SDK.

Next Page: Setup and Integration