PCI-DSS (root360)

Component description

The Payment Card Industry Data Security Standard (PCI-DSS) defines uniform rules for securing credit card data, as this sensitive information requires special protection. Root360’s platform is PCI-DSS Level 1 certified and can therefore provide PCI-DSS compliant cloud environments. While the majority of AWS services are already PCI-DSS compliant out of the box, we provide our PCI-DSS compliant architectures, processes and workflows in accordance with https://www.pcisecuritystandards.org/.

PCI-DSS - The Payment Card Industry Data Security Standard

PCI-DSS (Payment Card Industry Data Security Standard) defines a security standard for credit card data that is binding for all institutions that process cardholder data or store credit card data. This data security standard was developed by American Express, Mastercard, Visa Inc., JCB International and Discover Financial Services. Its goal is to protect online merchants and end users from fraudulent attacks, card misuse and theft.

Adhering to this standard is intended to prevent security breaches. The standard is not only a recommended organizational structure for handling sensitive cardholder data within the company concerned, but also a technical specification. Its basic requirement is that all parties involved in a credit card transaction take it into account.

PCI-DSS certification is required if a locally executed, self-developed checkout form is used. Even if the additional payment-processing software used by the online store accepts the credit card data on its own server, PCI certification is essential, e.g. Visa or Mastercard PCI compliance. The same applies if a store operator stores the cardholder data in its own systems.


For root360 Managed Services pricing please contact our Service Team.
