As part of our commitment to data security, American Express requires that all of our Merchants, Service Providers and their Covered Parties:
- Store Cardmember information only to facilitate Card transactions as described in their agreement with American Express
- Comply with the current Payment Card Industry Data Security Standard
Covered Parties include Merchants':
Covered Parties also include providers of Point-of-Sale equipment, systems or payment processing solutions, as well as any other party to whom a Merchant may provide access to Cardmember information in accordance with its Card Acceptance Agreement.
- Employees
- Agents
- Representatives
- Subcontractors
- Processors
- Service Providers
View the Payment Card Industry Data Security Standard.
List of Assessors
The PCI Security Standards Council is assuming responsibility for the Qualified Security Assessors (QSA) program previously administered separately by Visa International. All new and existing QSAs must contract directly with the Council.
Click here to find a QSA