How do I know if I'm PCI compliant?

An overview of PCI compliance and PCI SAQ applicability

PCI compliance refers to certifying compliance with the data security protocols prescribed by the Payment Card Industry Data Security Standard (PCI-DSS).

PCI-DSS is not a security solution in its own right. Instead, it establishes a standardised framework for ensuring that sensitive card data is received, transmitted, and stored securely in the digital environment and provides a method of measuring and certifying the compliance of stakeholders handling sensitive card data.

Exploring the full scope of the PCI-DSS framework is beyond the focus of this article, but it's worth noting a cardinal rule of PCI-DSS: where you don't have to handle sensitive card data, you shouldn't.

For most merchants, that's easy because CardCorp is a Third Party Service Provider (TPSP) of PCI-certified technical systems that handle all sensitive card data from the point of entry into the Card Data Environment (CDE).

CardCorp's hosted iframe checkout is a PCI-compliant TPSP solution that you can load directly on your merchant website. It securely receives, transmits, and stores all sensitive card data in the CardCorp payment gateway, obviating the need for merchants to handle sensitive card data themselves. You can load the hosted iframe checkout using a webshop plugin, by integrating with the COPYandPAY API, or by using the BillPro payment platform.

When you use TPSP systems and do not handle sensitive card data, you certify compliance by completing a PCI Self Assessment Questionnaire (SAQ), in this case PCI-SAQ-A. When you apply with CardCorp, we will prepare this document for you and submit it to your acquirer with your application.

Complying with PCI-DSS protocols can be complex and multi-faceted for entities that receive, transmit and store card data. Still, for those that utilise PCI-certified TPSP systems, PCI compliance is relatively easy to achieve and maintain.


Questions?
Sign up on our website and talk with our payment experts for a free assessment of your business's PCI-DSS requirements.

