
Highest level of security & compliance

Sage Pay makes it easy for you to become PCI DSS compliant

Meeting the Payment Card Industry Data Security Standards (PCI DSS)

PCI DSS are a set of standards to help protect businesses and shoppers from data theft and fraud. It is mandatory for all businesses that accept card payments to comply by getting a PCI certificate. This applies to all types of card payments: online, by mail, over the phone or using card machines.

There are 4 levels of PCI DSS compliance. These are based on the number of transactions a business processes annually and how they are processed.

Sage Pay has the highest level (Level 1) of PCI DSS certification. View our PCI DSS certificate

Becoming PCI DSS compliant

You should speak to your merchant acquiring bank so they can refer you to their preferred Qualified Security Assessor (QSA).

No matter what type of payments you're accepting (online, over the phone or using card machines), you'll only need one PCI certificate for your business.

Form integration

All compliance levels
  • Simplified PCI compliance using an online self-assessment questionnaire.

Server & Inframe integration

All compliance levels
  • Simplified PCI compliance using an online self-assessment questionnaire with monthly or quarterly vulnerability scans.

Direct integration

Level 4 compliance
  • Less than 20,000 transactions/annum
  • Simplified PCI compliance using an online self-assessment questionnaire with monthly or quarterly vulnerability scans.
Level 3 compliance
  • 20,000 - 1M transactions/annum
  • Remote assessment, compliance validation, monthly vulnerability scans (via 10 IPs) and SSL certificate validation.
Level 2 compliance
  • 1-6M transactions/annum
  • Remote assessment, compliance validation, monthly vulnerability scans (via 50 IPs) and SSL certificate validation.
Level 1 compliance
  • 6M+ transactions/annum
  • Onsite assessment, penetration test and monthly vulnerability scans.
  • Prices available on request
