Being involved in the processing, transmission, or storage of credit card data must comply with the PCI Data Security Standards (PCI DSS). PCI compliance is shrinking the footprint of where a Cardholder's data is located throughout an organization. Stripe makes it easy to be in compliance. With Blackthorn | Payments, you attain reduced scope PCI compliance by using our Virtual Terminal or PayLink features, and can become fully PCI compliant by taking a PCI DSS Self-Assessment Questionnaire.
- Note, Blackthorn does not offer this information as legal advice. If you do seek complete PCI compliance, we recommend hiring a PCI compliance auditor to audit your practices. Our information here is for guideline purposes only, not as legal advice.
PCI Compliance Guide:
"The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment. Essentially any merchant that has a Merchant ID (MID)." "The PCI Security Standards Council is a global open body formed to develop, enhance, disseminate and assist with the understanding of security standards for payment account security."
Salesforce has stringent security standards and Stripe is PCI service provider level 1- the most stringent level of certification available in the payments industry. Blackthorn | Payments does not store card or ACH details, it only stores the Card ID, which is a unique ID generated by Stripe. Blackthorn | Payments also complies with Stripe's usage requirements of utilizing TLS (Transport Layer Security) with either Checkout or Stripe.js. Click here for additional information.
If you need to provide someone else with an Attestation of Compliance (AOC), and/or you are asked to fill in a PCI DSS Self-Assessment Questionnaire (SAQ), then Stripe will already have you covered! Just go to your Stripe security settings and click on “View completed document”. They will have pre-filled the documents for you.
Updated about 1 year ago