Meeting the Payment Card Industry Data Security Standards (PCI DSS)
PCI DSS are a set of standards to help protect businesses and shoppers from data theft and fraud. It is mandatory for all businesses who accept card payments to comply by getting a PCI certificate. This applies to all types of card payments: online, by mail, over the phone or using card machines.
There are 4 levels of PCI DSS compliance. These are based on the number of transactions processed by a business annually and how they are processed.
Sage Pay has the highest level (Level 1) of PCI DSS certification. View our PCI DSS certificate. This can reduce your compliance requirements.
Becoming PCI DSS compliant
You should speak to your merchant acquiring bank so they can refer you to their preferred Quality Security Assessor (QSA).
No matter what type of payments you're accepting (online, over the phone or using card machines), you'll only need one PCI certificate for your business