Payment Card Industry Data Security Standard (PCI DSS)

The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard mandated by major card schemes that applies to organizations which handle branded credit cards. The standard is administered by the Payment Card Industry Security Standards Council.

MultiSafepay is fully PCI DSS certified.

Credit cards

Under the PCI DSS, payment service providers and businesses that handle credit card data must follow extensive security protocols and data management practices to protect customers and merchants. MultiSafepay is PCI compliant and you can accept credit card payments through MultiSafepay payment pages even if you are not PCI compliant.

Required information on your website

If you accept credit card payments, you must include the following information on your website:

• Official company name in the companies register
• Full company address
• Company registration number
• VAT number
• Contact details, e.g. email address and phone number
• Cancellation policy and privacy policy
• General terms and conditions for customers on the checkout page, preferably with a checkbox

Testing security

In accordance with our PCI DSS certification and other obligations, we regularly perform security checks on our system. This includes penetration tests, which are a form of ethical hacking that simulate a cyberattack in order to identify and fix vulnerabilities.