
...

Payment Card Industry Data Security Standards (PCI DSS) are network security and business practice guidelines adopted by Visa, MasterCard, American Express, Discover Card, and JCB to establish a 'minimum security standard' to protect customers' payment card information. It is a requirement for all merchants that store, transmit, or process payment card information.

 

How does my business become PCI compliant?

The easiest way to become compliant is to use PayU Business. If you intend to store, transmit, or process payment card information yourself, the responsibility for being PCI compliant remains with you, and you must ensure that you:

  • Build and maintain a secure network to protect payment card information
  • Maintain a vulnerability management program
  • Implement strong access control measures
  • Regularly monitor and test networks
  • Pass quarterly remote vulnerability scans
  • And more …

 

Who created the PCI DSS standard?

...

PCI DSS applies to ALL organisations or merchants, regardless of size or number of transactions, that accept, transmit or store any cardholder data. In other words, if any customer of an organisation makes a direct payment to the merchant by means of a credit card or debit card, then the PCI DSS standard applies. Contact us to enquire if you need to comply.

 

Is PayU PCI compliant?

PayU adheres to international PCI (payment card industry) compliance standards for data security for the credit card data handled by PayU. All internal processes strictly adhere to the PCI-DSS level 1 certification - the highest that can be achieved.

 

Should I become PCI compliant?

PCI compliance requires the merchant to do the following:

  • Build and maintain a secure network to protect payment card information
  • Maintain a vulnerability management program
  • Implement strong access control measures
  • Regularly monitor and test networks
  • Pass quarterly remote vulnerability scans

Merchants using the PayU redirect integration method (either on Easymerchant or PayU Business) are not required to be PCI compliant, as their customers are redirected to PayU, which then handles the card data on the merchant's behalf.

Merchants using the Enterprise API integration method are strongly advised to investigate the possibility of becoming PCI compliant, as they will handle and transmit card data. The best starting point would be to do the self-assessment here.

 

For more information we advise that you contact the nearest Qualified Security Assessor (QSA).