PCI-DSS (Payment Card Industry Data Security Standard)
Category: legal
A set of security standards designed to ensure that all companies that accept, process, store, or transmit credit card information maintain a secure environment.
Compliance is mandatory for any merchant or payment gateway that handles cardholder data. It involves strict controls around network firewalls, encrypted transmission of cardholder data, and regular vulnerability scanning. Failure to comply can result in massive fines, increased transaction fees, or the permanent loss of the ability to process card payments.
Common Examples
- Every component of our e-commerce stack is subject to annual PCI-DSS Level 1 certification audits to guarantee the integrity of cardholder data in transit.
- Outsourcing the card-input form to a PCI-DSS-compliant hosted field ensures that sensitive card data never touches our own server infrastructure.