BlueSnap complies with Level 1 Payment Card Industry Data Securities Standards (PCI-DSS), which is the highest standard of PCI compliance.
Whenever shopper’s cardholder payment data is transmitted, processed, or managed through the BlueSnap platform, BlueSnap takes responsibility for the proper security of the data entrusted to us in accordance with PCI-DSS requirements.
Merchants that use BlueSnap’s hosted secure order pages benefit from having the main burden of PCI compliance covered by BlueSnap. Nevertheless, as Merchants have access to transaction invoices they must carefully manage the administration of such data in line with relevant privacy legislation and Card Association rules. We recommend that such Merchants take steps to ensure their compliance by benefitting from free enrolment with our PCI specialist partner Security Metrics.
Merchants that host their own order pages and use BlueSnap Payment APIs are required to be fully PCI-DSS compliant and are responsible to securely manage all shopper’s payment data. Such Merchants are encouraged to simplify such compliance obligations and to protect and secure their business and customer data through the PCI security programs BlueSnap has established with Security Metrics https://www.securitymetrics.com/pcidss/bluesnap
Further general information about PCI-DSS can be found here: https://www.pcisecuritystandards.org/security_standards/index.php