What Does It Mean to be PCI Compliant?

Payment Card Industry (PCI) compliance is all about protecting sensitive cardholder data. Any company that stores, processes or transmits cardholder data is required to be compliant and adhere to the industry’s set of data security standards, referred to as PCI DSS. Depending on the number of Visa transactions processed annually, merchants are classified within four merchant levels which are used to determine the assessment and validation requirements.

Invoice Cloud is a Level 1 Service Provider, a level given to any merchant that processes in excess of six million Visa transactions per year, and has the highest level of validation requirements. We have ongoing efforts in place to maintain a secure environment and to demonstrate our compliance we are required to undergo a rigorous PCI audit each year, performed by a Qualified Security Assessor. In addition, PCI requires ongoing security activities including quarterly network vulnerability scans.

Service providers that meet the standards of security compliance are included on the Visa Global Registry of Service Providers list. The Registry can be used to verify compliance and is accessible at http://www.visa.com/splisting/searchGrsp.do. Our listing can also be viewed here.