The Payment Card Industry Data Security Standard (PCI DSS) is a information security standard for organizations that handle branded credit cards from the major card schemes including Visa, MasterCard, American Express, Discover, and JCB. The PCI Standard is mandated by the card brands and administered by the Payment Card Industry Security Standards Council. The standard was created to increase controls around cardholder data to reduce credit card fraud.
Optimizely X is compliant with PCI Data Security Standard version 3.2.1 Level 2 Service Provider. Optimizely is a service provider and does not process cardholder data. It complies with the Level 2 Service Provider certification process, which validates compliance annually by verifying adherence to all PCI DSS requirements, completing a Self-Assessment Questionnaire (SAQ-D) and Attestation of Compliance for Service Providers.