PCI DSS Compliance for MMCloud Air

Payment Card Industry Data Security Standards (PCI DSS) defines the minimum requirements that an entity handling payment card data must fulfill to combat fraud and data theft. PCI DSS Version 4.0 is now in effect. Entities are classified into levels according to the number of transactions processed annually. Level 1 processes the most; Level 4 the least. Level 1 includes merchants and service providers. Within levels 2-4, nine types are identified, depending on how payment information is collected and processed.

MMCloud Air may charge your credit card (or another payment method you configure) after your job completes successfully. To comply with PCI DSS, MMCloud Air uses Stripe’s hosted solution to process payments. Stripe is certified to PCI Service Provider Level 1, the most stringent level of certification available. With the Stripe hosted solution, the user enters all sensitive payment information in a form that originates directly from Stripe’s PCI DSS–validated servers. Integration with Stripe means that all sensitive payment information is sent directly to Stripe’s PCI DSS–validated servers. MMCloud Air servers do not store or process any sensitive payment information.

Stripe’s Privacy Center provides details about privacy at Stripe, including how and for what purposes Stripe collects, uses, retains, discloses, and safeguards any personal data provided to Stripe.