TaxDome wins Comprehensive Firm Workflow Solutions — CPA Practice Advisor Readers’ Choice Awards 2024. Read more

🔥 Join in-depth webinars to get up to speed on automations, invoicing and team collaboration. Learn more

PCI DSS - Payment Card Industry Data Security Standard

What does PCI DSS mean?

Whenever a business uses a customer’s credit or debit card details to process a transaction, they have to have certain active security measures in place. PCI DSS provides details on the specific security safeguards merchants and service providers have to use in order to store and collect customers’ credit and debit card payment information whenever they are processing transactions. PCI DSS stands for Payment Card Industry Data Security Standard. It is a payment security standard set up by the PCI Security Standards Council.

How is PCI DSS compliance actually determined?

Merchants and service providers must confirm that they use encryption when sending cardholder data across public networks to make sure they are compliant. They must also use firewalls, update their antivirus programs, utilize advanced password protections for safeguarding sensitive cardholder data, and more. Any violations of PCI DSS can end up costing businesses from $5,000 to $50,000 monthly for noncompliance. They can also expect to have to pay $50-$90 per customer account breached if an actual breach occurs.

Is TaxDome PCI DSS compliant?

Credit card details are never stored by TaxDome. Credit cards are transmitted directly to our payment providers over SSL connections and are not logged or stored in TaxDome systems.


All credit payments are processed either by Stripe or CPACharge, a PCI-DSS Level 1 compliant service providers.

Are there any other compliance standards that are similar to PCI DSS?

PCI DSS is unique because it specifically addresses security requirements for credit card payment purchases. It’s a compliance standard that is very similar to PIPEDA, HIPAA, and GDPR because they all require businesses to have actionable plans that help to protect their sensitive client data.