PCI Security Requirements
As part of our commitment to data security, American Express requires that all of our Merchants and Service Providers and their Covered Parties:
- Store Cardmember information only to facilitate Card transactions as described in their agreement with American Express
- Comply with the current Payment Card Industry Data Security Standard
Covered Parties include Merchants' :
- Service Providers
Covered Parties also include providers of its Point-of-Sale equipment, systems or payment processing solutions, as well as any other party to whom a merchant may provide access to Cardmember information in accordance with its Card Acceptance Agreement.
View the Payment Card Industry Data Security Standard.
List of Assessors
The PCI Security Standards Council is assuming responsibility for the Qualified Security Assessors (QSA) program previously administered separately by Visa International. All new and existing QSAs must contract directly with the Council.
Click here to find a QSA