Your selected question
Barclaycard keep pushing me to become PCI DSS compliant but are Barclaycard compliant themselves?
As a card acquirer, Barclaycard have always been held to the highest possible standards by Card Schemes (e.g. VISA, MasterCard) and are subject to the highest level of compliance checking and evidencing/auditing.
In the same way that merchants are required to re-assess and confirm their compliance, we are running a continuous detailed end-to-end audit assessment to evidence that our status continues to meet the card acquirers' requirements for the PCI DSS standard as specified by the Card Schemes.
This also includes confirmation that the status of all our relevant third parties complies with the PCI DSS requirements for card acquirers.
At Barclaycard we take data security extremely seriously. As the leading light in payment technology we understand the need to adhere to the strictest levels of legal checking and auditing around storing and transferring cardholder data.
As part of the industry level Payment Card Industry Data Security Standard (PCI DSS), we at Barclaycard have been working closely with the PCI Security Standards Council and the Card Schemes (VISA and MasterCard) to provide customers with a secure and stable payment network.
Barclaycard will remain best in class in the provision of online payment services, and our online payments system e-PDQ was ratified PCI DSS compliant since 2007. We re-validate our compliance every year.
In addition, and in accordance with our general obligations regarding data security beyond card scheme requirements, we confirm that Barclaycard will be responsible for the security of card data under its control. Barclaycard acknowledges responsibility for the security of all cardholder data it holds and processes and will be fully liable for any breach of security which is attributable to its own acts or omissions.
How useful did you find the answer given?Not at all Very useful