Understanding these terms helps you protect your business and your customers.
PCI DSS (Payment Card Industry Data Security Standard)
PCI DSS is a set of mandatory security standards for any organization that accepts, processes, stores, or transmits credit card information. The goal is to maintain a secure environment to reduce credit card fraud. These standards are governed by the PCI Security Standards Council, which was founded by the major card networks (Visa, Mastercard, American Express, etc.).
Frequently Asked questions (FAQs)
- Do I need to be PCI compliant to use Charge for Stripe?
By using Charge for Stripe, you are greatly simplifying your PCI compliance requirements. Because the app uses Stripe to handle all sensitive card data, that data never touches your own servers or devices. Stripe is PCI Level 1 compliant (the highest level). You are still responsible for ensuring your business practices are secure, but the most difficult technical aspects are handled for you. - What happens if a business is not PCI compliant?
Non-compliance can lead to severe consequences, including hefty fines, increased transaction fees, or even having your ability to accept card payments revoked. - How does Stripe help with PCI compliance?
Stripe’s systems are fully PCI compliant. When you use Charge for Stripe, card data is encrypted and sent directly to Stripe’s secure environment. This means the compliance burden on you, the merchant, is significantly reduced.
Related terms: