As a Level 1 service provider eWAY is required to remain PCI DSS compliant at all
times, undertaking yearly audits and quarterly network scans from an external Qualified
Security Assessor to ensure compliance is maintained.
eCommerce merchants whose systems store, process or transmit credit card data must
be PCI DSS compliant depending on the number of eCommerce transactions processed
annually. The processes eWAY goes through to maintain compliance include a Self-Assessment
Questionnaire, an External Vulnerability Assessment and an onsite review by an external
Qualified Security Assessor (QSA).
eWAY values its merchants sensitive customer data and strives to ensure that it
always remains up to date for any relevant standards. PCI DSS compliancy is extremely
important for any Payment Gateway and eWAY provides all merchants and their customers
with the confidence they need to shop safely online.
eWAY utilises
McAfeeSecure
for its quarterly vulnerability scans and stratsec to undertake its yearly audit.
View eWAY's PCI DSS Compliance Certificate