Any business involved with the processing, transmission, or storage of credit card data must comply with the Payment Card Industry Data Security Standards (PCI DSS). PCI DSS version 3.0 is in place and mandatory for all new and existing PAYMILL users.
While setting up your PAYMILL account you will be asked to fill out the PCI Self-Assessment Questionnaire (SAQ) if you are onboarded with our partner banks Acceptance or Wirecard. Your processed funds will only be settled to your bank account if you have completed your yearly PCI SAQ successfully.
According to the PCI Security Standards Council, you will be eligible for SAQ A if you fulfill the following requirements:
SAQ A needs to be filled out once per year to confirm your PCI compliance. For more information follow the guidelines here: SAQ A guide
The PCI Security Standards Council has confirmed the following requirements which will make you eligible for SAQ A-EP:
Currently this questionnaire needs to be filled out once per year by users who are activated with our partner banks Acceptance and Wirecard. Please note this version is longer than the SAQ A (139 questions) and requires you to undergo a quarterly ASV security scan of your systems by an external PCI security company (costs apply).
For more information follow the guideline here: SAQ A-EP guide.
Though the new PCI DSS 3.0 requirements help compliant merchants to be even more secure, we understand the additional effort that the SAQ A-EP process brings with it. To make the new requirements more convenient for you, we have released a new flexible solution, which is in line with the SAQ A requirements.
The following documents will guide you through implementing and migrating to the PayFrame solution, which could help you to be eligible for the SAQ A process. This solution will not compromise any of your known PAYMILL benefits, like customising the look and feel of your payment form.
Guide on how to embed the PCI 3.0 PayFrame solution: Bridge PayFrame
Note: if you are currently using one of the following plugins supported by PAYMILL, you will need to update to the versions stated below. Then the PayFrame will be enabled by default. The respective plugin versions will be released in the order you see below in the upcoming weeks:
We have put together a description of how the PAYMILL solution works as part of your website. This could help you understand the functionalities and interactions better in order to fill out the PCI SAQ. For particular questions about your website, we recommend that you seek advice from your website developer or shop system. For questions around PCI DSS, you can reach out to the PCI contacts of our partner banks.
Contact the PCI support for detailed questions around PCI DSS and SAQ.
Partner Bank: Acceptance
Contact: SRC GmbH (Acceptance Lufthansa AirPlus)
Phone: +49 (0) 228/2806-166 (standard call costs apply)
Wirecard Bank AG
Partner Bank: Wirecard Bank AG
Contact: PCI Competence Center der usd AG
Phone: +49 6102 8631-720 (standard call costs apply)
E-Mail: firstname.lastname@example.org
Available Monday - Friday between 8-18h