At Zai, we take security very seriously. One of the ways that Zai ensures a secure environment for customers is through its adherence to the Payment Card Industry (PCI) Data Security Standard (PCI DSS).
The PCI DSS is a set of security standards designed to ensure that all companies that accept, process, store or transmit card information maintain a secure environment.
As a business that accepts, processes, stores or transmits card data, you are also required to undertake your own compliance assessment and review your PCI compliance obligations regularly.
Although Zai provides a number of integration methods to help you manage your PCI requirements, your specific requirements will vary depending on how your business interacts with credit card data. Your integration to Assembly may not be the only thing that affects your own PCI compliance obligations.
As an example, many of our customers also manage card information in other forms such as mail or telephone orders, EFTPOS terminals and so on, which will lead to PCI obligations that extend beyond how they’re integrated into Zai. Stay on top of it by regularly assessing and reviewing your own PCI compliance obligations.
The PCI Security Standards Council has produced a getting started guide and a quick reference guide that can help you work out what your obligations are.
If you require more information, we recommend contacting the PCI Security Standards Council or engaging a PCI Qualified Security Assessor to further understand your obligations and requirements under PCI DSS.