World-Class Security for Online Payments

What Exactly Is PCI DSS?

PCI DSS is a set of technical and operational requirements designed to maximise cardholder data protection. The standard has been put forth and is periodically updated by the credit card networks, the most notorious of which are Visa, MasterCard and American Express.

The Payment Card Industry Security Standards Council (PCI SSC) is the official regulatory institution that enforces the best-practice guidelines for securing e-commerce and PCI compliance.

Twispay is a PCI-DSS Level 1 Payment Service Provider. You are in good hands.

Do I Need to Be Compliant?

The short answer is YES. Every merchant that accepts online credit-card payments is required to be PCI-DSS compliant.

Even though Twispay will be in charge of collecting, processing, and storing encrypted cardholder data, you must still complete a few PCI-DSS compliance measures.

The great news is that, for an annual online transaction volume that does not exceed 6 million transactions, you can ensure compliance by filling out a simple self-assessment questionnaire (SAQ), and allowing Twispay to handle everything else.

The Best and Quickest Solution?

It is called iFrame. The latest updates to the PCI DSS standards clearly state that using an iFrame results in minimum PCI requirements on the part of the merchant. Here's a key section of the document:

“At present, a merchant implementing an e-commerce solution that uses iFrames to load all payment content from a PCI-DSS compliant service provider may be eligible to assess its PCI compliance using a reduced list of controls identified in SAQ A, the smallest possible subset of PCI-DSS requirements, because most of the PCI DSS requirements are outsourced to the Payment Service Provider (PSP).”