
PCI DSS compliance
Complying with the latest industry security standards will help safeguard your customers and your business against theft and fraud.
What is PCI DSS?
The Payment Card Industry Data Security Standard (PCI DSS) is a set of mandatory requirements designed to safeguard cardholder data. PCI DSS compliance is mandatory for any business that processes credit and debit card transactions and vital for companies that want to keep their customers' data secure.
Each transaction your business processes will involve sensitive cardholder information. This data must be processed, stored and transmitted securely to protect your customers and your business from the increasing threat of fraud.
Benefits of PCI DSS compliance
The global standard
PCI DSS consists of 12 high-level requirements across six categories. Some or all of the 12 may be applicable to you depending on the nature of your business, and whether you store card data or not.
Compliance with PCI DSS is mandated by all the Card Schemes (including Visa® and Mastercard®) and applies to all businesses that accept credit and debit cards. A global forum, the PCI Security Standards Council, oversees the standard. The council released the latest update (version 4.0) on 31/3/22. PCI DSS v3.2.1 remains valid until 31/3/24.


Using a hosted payment solution
If you decide to use a Hosted Payment Page (HPP) to process e-commerce transactions, the most secure approach is to outsource your card data to a payment service provider. This allows you to keep the data totally segregated from your e-commerce environment at all times.
Even with this arrangement, you should use "penetration testing", which can verify that the data doesn't enter your business's environment, giving you peace of mind that your customers' data is safe.
Frequently asked questions
How do you want to take payments?
Card readers
For businesses that need to take payments face to face at the till, at a table or away from their premises.
Online
For businesses who rely on taking payments through their website or other digital channels, including pay by link.
Over the phone
For businesses who need a secure way to take payments when a cardholder is not present.