Security

At StrataPay we are required to adhere to the highest of security standards. The most important of these standards is the Payment Card Industry Data Security Standard (PCI DSS) which is enforced by major credit providers. 


The standard outlines a set of comprehensive requirements around how we manage sensitive credit card data. Due to our significant transaction volume we maintain the topmost level of security with Level 1 PCI DSS Compliance. 


View the StrataPay Compliance Certificate.

What is PCI DSS Compliance?

Payment card industry (PCI) compliance is mandated by credit card companies to help ensure the security of credit card transactions in the payments industry. Payment card industry compliance refers to the technical and operational standards that businesses follow to secure and protect credit card data provided by cardholders and transmitted through card processing transactions. PCI standards for compliance are developed and managed by the PCI Security Standards Council.

Being PCI compliant means consistently adhering to a set of guidelines set forth by the PCI Standards Council. PCI compliance is governed by the PCI Standards Council, an organization formed in 2006 for the purpose of managing the security of credit cards. The requirements developed by the Council are known as the Payment Card Industry Data Security Standards (PCI DSS). The guidelines are are also considered security best practices. Its six major requirements include the following:

  • Build and Maintain a Secure Network and Systems
  • Protect Cardholder Data
  • Maintain a Vulnerability Management Program
  • Implement Strong Access Control Measures
  • Regularly Monitor and Test Networks
  • Maintain an Information Security Policy

How does StrataPay ensure our clients security?

StrataPay has the world's highest payment security accreditation - PCI DSS Level 1 and is proud to be 'on the list' of the Visa Global Registry of Service Providers (the Registry), located at (www.visa.com/onthelist) which acknowledges service providers that have shown their commitment to security by meeting the requirements of the PCI Standard and we provide continued support and commitment to safeguarding the payment industry.