Skip to main content

PCI Compliance

Payment Card Industry Data Security Standard (PCI DSS) compliance ensures that sensitive cardholder data is securely processed, stored, and transmitted.

OrchestratorX Cloud provides out-of-the-box PCI DSS Level 1 compliance—the highest level of certification—so you can handle payments securely without worrying about card storage or compliance complexities yourself.

Key Features of PCI Compliance on OrchestratorX Cloud

PCI DSS Level 1 Certification OrchestratorX is validated as a PCI DSS v4.0 Level 1 Service Provider, the highest level of PCI certification for service providers. This ensures robust security controls for storing, processing, and transmitting cardholder data.

Annual Audits OrchestratorX undergoes an annual PCI DSS audit performed by an independent Qualified Security Assessor (QSA). In addition, quarterly vulnerability scans are conducted by a PCI-approved scanning vendor (ASV), as required by PCI DSS.

Tokenization for Secure Card Handling OrchestratorX tokenizes and stores customer card details in its cloud vault, reducing the need for merchants to store sensitive data.

Enabling Raw Card Acceptance with Payment Processors

To process raw card data securely through OrchestratorX:

Processor Configuration:

Many payment processors disable raw card acceptance by default. To enable it:

  • Share OrchestratorX's PCI Attestation of Compliance (AOC) with your processor's support team.
  • Request them to enable raw card processing for your merchant account.

Stripe Integration Update:

  • Stripe no longer allows raw card acceptance via its Merchant Dashboard.
  • If required, share OrchestratorX's PCI DSS Attestation of Compliance (AOC) with Stripe support.

Accessing the PCI AOC Document:

  • A redacted version of OrchestratorX's PCI DSS Attestation of Compliance (AOC) is available to Cloud users under NDA. It can be downloaded from the Compliance section in the Dashboard.
  • Alternatively, email support@orchestratorx.com for assistance.

Why Choose OrchestratorX for PCI Compliance?

  • Simplified compliance management with automatic tokenization and secure storage.
  • Global security standards maintained across all integrations.
  • Reduced complexity and liability for merchants in handling sensitive card data.