What is PCI DSS Compliance?
The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle credit card and debit card information. Defined by the Payment Card Industry Security Standards Council, the standard was created to increase controls around credit card data to reduce credit card fraud via its exposure.
If you want to sell online and accept payments from Visa, Mastercard, American Express or Discover credit cards, your software and hosting needs to be PCI compliant.
Shopify meets all 6 categories of PCI standards
This compliance extends to all online stores powered by Shopify
Maintain a Secure Network
Protect Cardholder Data
Maintain a Vulnerability Management Program
Implement Strong Access Control Measures
Regularly Monitor and Test Networks
Maintain an Information Security Policy
Is Shopify PCI compliant?
Yes, Shopify is certified Level 1 PCI DSS compliant. This compliance extends to all online stores powered by Shopify.
We are very serious about securely hosting your online store and have invested significant time and money to certify our solution is PCI compliant. From annual on-site assessments validating compliance to continuous risk management, we work really hard to ensure our shopping cart software and ecommerce hosting is secure.
Shopify is certified PCI compliant in the following documents:
How do I become PCI compliant?
All Shopify online stores are automatically PCI compliant. When you choose Shopify to power your online store, you can rest easy knowing that we invested significant time and money to obtain our Level 1 PCI certification and that our certification covers your online store, its shopping cart and web hosting.
To learn more about the role of data security in customer trust, take a look at our PCI Compliance Checklist: Plus, 17 Ways to Increase Security, Trust & Sales