Payment Card Industry (PCI)

The Payment Card Industry Data Security Standard (PCI DSS) is a global framework that protects credit card data. It applies to every entity that stores, processes, or transmits cardholder information.

Files.com PCI Compliance Status

Files.com is a Level 2 PCI DSS Certified Service Provider. The certification covers two scenarios.

The first is processing our own billing transactions. Files.com handles cardholder data for its own billing and account management functions, and all credit card transactions run through third-party payment providers (Stripe, Braintree, and PayPal), each of which is itself PCI-certified.

The second is storing cardholder data on behalf of customers. Files.com is certified to store PCI-regulated cardholder data for customers subject to PCI DSS, provided those customers maintain their own overall PCI compliance.

Files.com is open to pursuing Level 1 PCI certification for the customer storage scenario when a customer engagement requires it. The audit scope would expand, but there is no material difference in the work we've already done to meet PCI standards.

Our most recent Attestation of Compliance (AOC) is available upon request. Contact your Account Executive or Account Manager to obtain a copy.

About PCI DSS

PCI DSS is managed by the PCI Security Standards Council, a global body founded by major payment brands including Visa, MasterCard, American Express, Discover, JCB, and UnionPay.

The standard defines 12 requirements that protect cardholder data and maintain a secure environment. The requirements fall under goals that include securing networks, managing vulnerabilities, and enforcing access control. Organizations subject to PCI DSS must:

  • Install and maintain secure firewalls
  • Encrypt cardholder data
  • Use antivirus and anti-malware tools
  • Restrict access to cardholder data on a need-to-know basis
  • Monitor and test networks regularly
  • Maintain a company-wide security policy

Compliance is validated annually through assessments and security scans. The exact validation requirements depend on the organization's role in the payment ecosystem and its transaction volume.