Yes. PCI compliance still applies to your business, even if you rely on a third-party processor to handle card transactions. The responsibility for protecting cardholder data is shared - and merchants are still accountable for many parts of the compliance process.
When using a third-party payment processor, your business is still responsible for:
- Use PCI PTS-certified payment terminals
- Secure your network and physical environments
- Ensure all service providers are PCI DSS validated
- Complete the appropriate Self-Assessment Questionnaire (SAQ)
Outsourcing processing reduces scope - but not responsibility.
Not sure where you stand? Get in touch to learn how Ingenico supports secure, compliant payment environments.