Credit Card Processing

Open Dental has integrated with three credit card processing companies. Each service must be enabled and set up before Credit Card Payments can be processed.

All support EMV transactions (credit cards with computer chips). See each page for terminal options.

PCI Compliance: Your credit card processor may offer to enroll you in Payment Card Industry (PCI) compliance tools/assistance or charge you non-compliance fees if you do not complete the annual PCI DSS Self-Assessment Questionnaire (SAQ). PCI Compliance is required by the credit card industry for all merchants. Compliance is very difficult and time consuming to achieve. Many merchants may determine that the cost of the non-compliance fees are less than the cost of compliance. The non-compliance fees are essentially a slush fund that the industry uses to pay out fraud claims. For more information:

If you are a payment processing company interested in direct integration with Open Dental, please see Direct Credit Card Integration with Open Dental.

Safely Storing Credit Card Information

XCharge, PayConnect, and PaySimple use tokens to safely encrypt and store credit card numbers and expiration dates. Storing tokens is optional.

When a token is saved, the credit card will be listed as a masked number on the Credit Card Manage Window.

Storing Tokens:

If you require the card to be present for all transactions, you may prefer to not store tokens.

To set the default storage option, see Account Module Preferences, Automatically store credit card tokens. You can also choose to save/not save a token when processing a single transaction (Save Token checkbox).

Warning: In version 17.3 and prior, the Account Module Preferences had a preference to Allow storing credit card numbers (this is a security risk). We recommend unchecking this preference. When enabled, this preference will store credit cards in Open Dental without tokens. Card numbers will not be masked and are not encrypted in the database. This is a security risk, violates credit card security guidelines, and is not recommended.