What is PCI Compliance?

The Payment Card Industry Security Standards Council (PCI SSC) is entrusted with the responsibility of protecting cardholder data and minimizing the threat of credit card fraud. To facilitate this, it created a set of regulations known as PCI Compliance that all organizations that handle card payments must adhere to.

If you accept card payments, and store, process, or transmit cardholder data in any way, you need to do so in a manner that is PCI Compliant by using a PCI Hosting Provider. This is typically the entity that handles all of your card processing. The PCI Hosting Provider that you use is responsible for the safe storage, processing, and transmission of card details and other information; they bear the burden of maintaining PCI Compliance. PCI Hosting Providers are subject to annual audits from the PCI Security Standards Council to confirm that all security standards are consistently upheld.

Stripe is the secure PCI Hosting Provider that you can use to facilitate card payments from your clients, and it is a trusted Level-1 PCI Compliant provider (that’s the highest level of security and compliance).

When your clients wish to pay using credit cards, you can input their card data securely in Owl, where it will be saved and vaulted within Stripe. When the card data is input into Owl, an API call is sent to Stripe to validate the card data and store it securely on the account using tokenization. The card data becomes securely referenceable so it can be used in future transactions, which means you don’t have to worry about retaking a client’s card details after every visit or exposing the card details to anyone. All you need to do is make sure that the card data is always keyed directly into the designated area in Owl Practice that has been built to connect with Stripe for card validation and storage. Once you do that, your clients’ card information will be safely and securely stored for future use.