Stripe Integration and PCI Compliance Certification
Why We Chose Stripe and How You Know It Is Secure
Taken from Stripe’s website:
Anyone involved with the processing, transmission, or storage of card data must comply with the Payment Card Industry Data Security Standards (PCI DSS). Stripe has been audited by an independent PCI Qualified Security Assessor (QSA) and is certified as a PCI Level 1 Service Provider. This is the most stringent level of certification available in the payments industry.
PCI compliance is a shared responsibility and applies to both Stripe and your business. When accepting payments, you must do so in a PCI compliant manner. The simplest way for you to be PCI compliant is to never see (or have access to) card data at all. Stripe makes this easy for you as we can do the heavy lifting to protect your customers’ card information.
Payments Tool Data Security
The payments tool uses multiple layers of security to protect sensitive payment information. The payments tool is built using Stripe's API integration to manage the secure collection and transmission of payment data. Your buyer's payment credentials are encrypted and tokenized by Stripe to help ensure that unauthorized parties do not gain access to sensitive payment information.
Payments Tool Compliance With PCI Requirements
Payments Tool Requirements for PCI Compliance Validation
With most traditional payment processors, businesses that accept card payments are required to annually validate their compliance with PCI by submitting documentation and undergoing network vulnerability scans. With Aiwyn, Stripe acts as the payments processor, which means that unless you separately process card data, you are not exposed to card data and are therefore not required to validate your compliance with PCI.
Requesting Additional PCI Documentation
If you would like more information, or to request a copy of Aiwyn's SAQ document please email support@aiwyn.ai.