PCI compliance
It's no rocket science
The current payment networks are built on a chain of trust between banks, card networks, payment processors and merchants. As a result, "everyone needs to take responsibility" for the secure handling of card information.
PCI compliance is neither determined nor enforced by any government body. It is a set of standards created by the Payment Card Industry Security Standards Council.
The Payment Card Industry Security Standards Council (PCI-SSC) is an independent body that was created by the card networks in 2006. It publishes and manages the PCI security standards. However, the enforcement of these standards falls to the card networks and payment processors.
We have open sourced our PCI certified card vault application code, along with the deployment scripts, so that you can self-host it. By the time you complete this guide, you will be running a PCI compliant card vault on your server and also be ready to get PCI certification.
Understand PCI compliance requirements with respect to your application and complete the Self Assessment Questionnaire to obtain PCI compliance:
Completing the SAQ
A simplified recipe to fast-track obtaining PCI compliance. This includes a project tracker, documentation templates and automation scripts.