Business Catalyst renews PCI DSS level 1 certification

Magda Neagu - Thursday, January 12, 2017

Here at Business Catalyst one of our main concerns is the security of our customers' data, and reliability of the system where you host your sites. Every year, we renew our certification by passing an independent audit and as such, Business Catalyst continues to be PCI DSS Level 1 certified. 

What is PCI and what does it mean for your customers?

The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards ensuring that companies that accept, process, store or transmit credit card information maintain a secure environment.

The Payment Card Industry Security Standards Council (PCI SSC) was launched in 2006 and Business Catalyst has joined the ranks of PCI compliant hosting solutions more than 4 years ago. 

Why choose a PCI compliant hosting platform? 

As a business owner choosing a hosting platform for your online store your should look into several items that are all covered by a PCI certified platform:

  • absolute security for your customers' credit card data - a 2015 security study from Verizon shows that a PCI certified platform is 50% more likely to successfully withstand potential security breaches.
  • no extra work for you - if you process more than 20.000 payments a year, you are required by law to be PCI certified (level 4). With Business Catalyst this certification is taken care of, as we are certified to the highest level possible (level 1) with no extra actions needed on the merchants' side
  • you are ready with an answer when your customers asks about this issue - right now most customers might not be aware of this certification, but more and more people are starting to ask about the security of their data and protection of financial information. When these questions come you can safely announce that you have already taken care of this issue, and are hosting on  a PCI certified platform.  

If required, the following documents are available upon request from BC support:

  • The most recent quarterly scan by a PCI SSC Approved Scanning Vendor
  • The Attestation of Compliance, signed by both Adobe Business Catalyst and the QSA

For more information regarding PCI, see the PCI Security Standards Council website at: