Build and maintain a secure network and systems
Protect cardholder data
Maintain a vulnerability management program
Implement strong access control measures
Regularly monitor and test networks
Maintain an information security policy
The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle credit card and debit card information. Defined by the Payment Card Industry Security Standards Council, the standard was created to increase controls around credit card data to reduce credit card fraud via its exposure.
If you want to sell online and accept payments from Visa, Mastercard, American Express or Discover credit cards, your software and hosting needs to be PCI compliant. More details: www.pcisecuritystandards.org
Payment security is paramount for every merchant, financial institution or other entity that stores, processes or transmits cardholder data.
The PCI Data Security Standards help protect the safety of that data. They set the operational and technical requirements for organizations accepting or processing payment transactions, and for software developers and manufacturers of applications and devices used in those transactions.
Maintaining payment security is serious business. It is vital that every entity responsible for the security of cardholder data diligently follows the PCI Data Security Standards.
VTEX is certified PCI DSS compliant.