PCI compliance

Question

Hello, I wanted to know whether the platform is PCI compliant. Additionally, does it support creating credit card authorization forms and securely collecting copies of IDs and the front and back of credit cards? Thanks!

Mike_SuiteDash · Answer

Hi there,\u000a\u000aGreat questions \u002D security is important!\u000a\u000a**PCI Compliance:** Yes, we are fully PCI compliant. We do NOT store credit card data in our databases. We securely pass one\u002Dtime credit card information in one direction to your configured payment gateway (Stripe, PayPal, etc.). They send back to us an authorization token, and that is what we store in our database to reference that card. Then we make a secure call in every case to them to ask for an authorization, and they handle everything on their side as far as storing card information. Our system never even sees the credit card number because a secure tunnel is established between the payment gateway\u0027s servers and the customer \u002D the card information passes only through that secure tunnel. Our system never touches it, never accesses it, and never sees it again because it never comes back from the payment gateway destination. Probably a lot more than you really wanted to know, but those are the mechanics of what makes it completely secure and PCI compliant.\u000a\u000a**Credit Card Authorization Forms:** Yes, we have a dedicated feature for this \u002D Stored Payment Information. This allows you to securely collect and store payment method authorizations from your Contacts. Documentation here: https://help.suitedash.com/article/458\u002Dstored\u002Dpayment\u002Dinformation\u000a\u000a**Collecting IDs and Card Images:** Yes, you can use File Upload Custom Fields on Forms to collect copies of IDs and images of credit cards. These files are stored securely in your SuiteDash account.\u000a\u000a**Credit Card Vaulting:** The alternative to the token system I described above \u002D where you need payment information on file that can be retrieved and viewed \u002D is our Credit Card Vault feature (part of the PLUS Bundle Power\u002DUp). This allows you to securely \u0022Vault\u0022 credit cards from your Contacts using enterprise\u002Dlevel technologies paired with military\u002Dgrade PGP encryption. You can then easily and securely retrieve/view the complete credit card number, expiration, and security code. It\u0027s 100% PCI Compliant. This might be exactly what you\u0027re looking for depending on your workflow. Documentation here: https://help.suitedash.com/article/478\u002Dcredit\u002Dcard\u002Dvaulting\u000a\u000aHope that helps!\u000a\u000aThanks,\u000a\u000aMike

SuiteDash

Share SuiteDash

Choose a plan

Related questions