The Payment Card Industry Data Security Standards (PCI DSS) is a set of information security standards created and managed by the Payment Card Industry Security Standards Council (PCI SSC) for organizations that store, process, or transmit credit card data.
The major card brands (including Visa, Mastercard, Discover, and American Express) require PCI DSS compliance.
Finix helps you and your users validate compliance with PCI DSS by providing the necessary forms and verifying the submitted information. Users can include any entity that stores, processes, or transmits credit card data.
PCI Levels
There are four levels of PCI compliance. If the requirements apply to you or a user, the entity will need to meet that level of PCI DSS compliance before it can process payments.
| PCI Level | Applies to |
|---|---|
| PCI Level 1 |
|
| PCI Level 2 |
|
| PCI Level 3 |
|
| PCI Level 4 |
|
Finix is certified as a Level 1 Payment Card Industry Data Security Standards (PCI DSS) compliant Service Provider.
Validating PCI DSS Compliance
Every one of your sellers eligible to process payments is required to validate compliance with PCI DSS annually.
Sellers can validate compliance by completing and attesting to a Self Assessment Questionnaire (SAQ).
Finix takes care of the heavy lifting and creates the SAQ compliance forms your sellers need to complete. Finix pre-fills some information based on the information collected from you as part of the implementation process.
For information on how you and your sellers can validate compliance with PCI DSS, see Managing PCI Compliance.