Overview

The Payment Card Industry Data Security Standard, also known as PCI-DSS (PCI) is the compliance and security standard created by the Payment Card Industry Security Standards Council (PCI-SSC) that aims to protect cardholder data from theft and reduce instances of credit card fraud. Cardholder data is defined as the Primary Account Number (PAN) alongside any of the following:

The PCI-SCC was formed by the leading card brand networks: Visa, MasterCard, Discover, American Express, and JCB International. These card brand networks banded together to create a standard baseline level of protection for buyers and businesses with PCI-DSS.

Note: PCI compliance does not apply to transactions processed through the ACH (Automated Clearing House) network.

All businesses that store, process, and/or transmit cardholder data are required to complete a form within 90 days of onboarding and then annually thereafter.

Glide's card process, Finix is a Level 1 PCI-DSS certified service provider, which is the strictest and highest attainable level of PCI compliance. This significantly reduces an FI's PCI Compliance requirements.

Your FI simply needs to complete a Self-Assessment Questionnaire (SAQ) to acknowledge the standards. Completing the SAQ does not require your credit union to achieve PCI Level 1 compliance. Since our credit unions (“merchants”) do not store, process, or transmit cardholder data—all such functions are outsourced—this is a quick and straightforward acknowledgment.

The SAQ on the card dashboard specifically addresses the e-commerce use case (account opening via Glide) and should be completed with respect to the Glide platform.

We simplify this SAQ process by pre-filling the entire form, allowing you to complete it with just a few clicks from the card processor dashboard. The form becomes available for signing after your card processing approval.