Payment Card Industry Data Security Standard (PCI DSS)

The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard mandated by major card schemes, which applies to organizations that handle branded credit cards. The standard is administered by the Payment Card Industry Security Standards Council.

Under the PCI DSS, payment service providers and businesses that handle credit card data must follow extensive security protocols and data management practices to protect customers and merchants.

MultiSafepay is fully PCI DSS certified. This means you can accept credit card payments through MultiSafepay payment pages even if you are not PCI compliant.

Required information on your website

If you accept card payments, you must include the following information on your website:

• Official company name and registration number in the companies register
• Full company address, email address, and phone number
• VAT number
• Your cancellation and privacy policies
• Terms and conditions for customers in your checkout, preferably with a checkbox

Security testing

In accordance with our PCI DSS certification and other obligations, we regularly perform security checks on our system. This includes penetration tests, which are a form of ethical hacking that simulate a cyberattack to identify and fix vulnerabilities.