The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment. Bold Subscriptions V1 is PCI compliant, uses industry-leading encryption techniques, and processes all personal information securely.
All supported payment gateways in Bold Subscriptions V1 are also required to be PCI compliant as well; As this is where the credit card information is processed and stored for you and your customers.
Stripe is the recommended payment gateway for use with Bold Subscriptions V1. Visit Security at Stripe for more details.
This article is relevant to Subscriptions V1. If you have Subscriptions for Shopify Checkout on your store, please visit Subscriptions for Shopify Checkout Overview. If you are unsure of which version of Bold Subscriptions you have, please visit Identify Your Version of Bold Subscriptions.
There are six main categories to be considered compliant; these are all met by the Supported Payment Gateways in Bold Subscriptions V1:
- Build and Maintain a Secure Network and Systems
- Protect Cardholder Data
- Maintain a Vulnerability Management Program
- Implement Strong Access Control Measures
- Regularly Monitor and Test Networks
- Maintain an Information Security Policy
In addition to this, Bold Subscriptions V1 must adhere to a subset of the PCI Data Security Standards and has implemented controls in relation to the following (where applicable):
- Do not use vendor-supplied defaults for system passwords and other security parameters.
- Identify and authenticate access to system components.
- Restrict physical access to cardholder data
- Maintain a policy that addresses information security for all personnel
With Subscriptions and one of the Supported Payment Gateways in Bold Subscriptions V1 together you can be assured that you are adequately protected with industry-leading PCI compliance and security standards.