Buya PCI DSS Compliance

PCI DSS is a security standard mandated by card payment processors and issuers. To accept payments and process payment card details, you must either be PCI DSS compliant, or use an already PCI DSS compliant service like Buya to process payments.

  1. PCI DSS Compliance

    The Payment Card Industry Data Security Standard (PCI DSS) is a security standard mandated by the major credit card schemes: Visa, Mastercard, American Express, Discover and JCB. The purpose of this standard is to make sure that online merchants that process card payments meet a necessary level of security.

    The PCI DSS standard defines hundreds of security controls to make sure sensitive data is not leaked, and that card details are protected. The PCI DSS qualification is conducted by certified QSAs and renewed every 12 months.

    Buya is fully PCI DSS compliant, and using Buya means you don't have to be!

  2. Card Tokenization

    To allow merchants to perform payment actions such as charges and refunds on payment cards, Buya uses tokenization. For each card processed by the merchant, Buya keeps the original details of the card, and the merchant receives a token. The merchant can then interact with the payment card using the token, without keeping any sensitive card information, and without having to comply with PCI DSS requirements.