When you accept credit or debit card payments, you need to ensure your customers’ information is carefully protected. This requirement can be costly and time-consuming to implement and maintain. But when you get paid with PayPal, we help you out with this.
PCI DSS (Payment Card Industry Data Security Standard) is a set of comprehensive requirements that all businesses that handle credit and debit payments must comply with, no matter how many transactions they process or how much those transactions are for. The standards help reduce the likelihood of financial data and identity theft, fraudulent payments and unauthorised transactions.
We help you comply with the stringent PCI compliance requirements for data protection, both when processing payments and when storing financial data. We hold certification under many programs and standards, including the Visa Cardholder Information Security Program, Mastercard Site Data Protection Program and the American Institute of Certified Public Accountants’ Statement on Standards for Attestation Engagements No. 18 SOC 1.
If you manage transactions yourself and touch, store, or transmit card details, you’ll need to obtain and maintain PCI compliance certification for your business. It’s a complex process, involving quarterly network scans and annual questionnaires, so we recommend working with a certified security expert.
When you log in to PayPal, your connection is protected with Transport Layer Security (TLS) and is made only over HTTPS, which is enforced with HTTP Strict Transport Security (HSTS).
We use key pinning in our apps to ensure your mobile device connects only to genuine PayPal servers.
Our Information Security Policies and Controls are reviewed by independent third parties.