PCI Compliance
Last Updated: January 20, 2025
What is PCI compliance?
The Payment Card Industry Security Standards Council (PCI SSC) developed a set of requirements in 2006 to help protect against card payment fraud and establish standards for properly storing credit card information.
These rules, called the Payment Card Industry Data Security Standard (PCI DSS), are the backbone of any card processing company's security standards for managing and protecting credit card information.
How does this relate to Novi AMS?
Novi does not process payments directly. Instead, we connect to your payment processing service providers, such as QuickBooks Payments or Stripe. All connections between Novi and your payment processing service providers are PCI compliant. This means that Novi never stores your members’ credit card data on its servers. We immediately send the card details to the credit card processor, which tokenizes them (an encrypted code) and sends the token back to us so that we can securely identify that card moving forward.
What's your role?
As an organization, you are likely contracted with a payment processor (e.g., QuickBooks Payments or Stripe). Payment processors have their own standards for PCI compliance. You should review the terms and policies relating to your payment processor to ensure they are appropriately handling credit card data.
If you would like to read more about how to ensure your company is conducting its due diligence, feel free to visit the PCI website. We encourage you to contact a qualified professional if you have additional questions about PCI compliance and how it relates to your organization.