Meeting the Payment Card Industry Data Security Standards (PCI DSS)
PCI DSS are a set of standards to help protect businesses and shoppers from data theft and fraud. It is mandatory for all businesses who accept card payments to comply by getting a PCI certificate. This applies to all types of card payments: online, by mail, over the phone or using credit card terminals.
There are 4 levels of PCI DSS compliance. These are based on the number of transactions processed by a business annually and how they are processed.
Opayo has the highest level (Level 1) of PCI DSS certification. View our PCI DSS certificate. This can reduce your compliance requirements.
Becoming PCI DSS compliant
You should speak to your merchant acquiring bank so they can refer you to their preferred Quality Security Assessor (QSA).
No matter what type of payments you're accepting (online, over the phone or using card machines), you'll only need one PCI certificate for your business
PCI certificates for businesses accepting online payments
If you're processing payments online through your website, the requirements for Direct integrations vary according to the number of transactions that you will be processing:
Direct integration |
|
---|---|
Level 4 compliance |
|
Level 3 compliance |
|
Level 2 compliance |
|
Level 1 compliance |
|
pcisecuritystandards.org/document_library?category=saq&document=saq