The Payment Card Industry (PCI) Security Standards Council is an organization established by the major card brands, including Visa, Mastercard, Discover, American Express, and JCB. Its purpose is to enhance credit card security through the creation and maintenance of standards for the proper handling of credit card information. The PCI Data Security Standard (PCI DSS) outlines the measures merchants should take to minimize the risk of fraud and boost customer confidence in using credit cards for payments.

As a merchant, you are required to comply with PCI DSS, a comprehensive set of requirements developed by the major card brands to facilitate the adoption of consistent data security measures.

Authorize.Net conducts annual security scans to ensure our payment gateway services comply with PCI DSS, as appropriate for our specific role in the credit card payment process. You can learn more about our PCI Compliance by visiting the Visa Global Registry of Service Providers.

Your Merchant Service Provider may require your business to comply with PCI DSS, depending on your business's internal credit card handling procedures and the security of any third-party software that may handle or store credit card data. For more information on whether you need to demonstrate PCI Compliance, please contact your Merchant Service Provider.

Authorize.Net does not directly participate in establishing, evaluating, or validating merchant PCI compliance requirements. For general information about the Payment Card Industry Security Standards Council and their Data Security Standard, please visit PCI Security Standards.

Authorize.net is working with SecurityMetrics, a leader in data security and compliance, to make this process quick and easy for you. If you are not PCI compliant and need help, you can get started here.

Additional Resources:

• PCI Security Standards for Merchants
• Find a Qualified Security Assessor