PCI Compliance

The Rulebook for Credit Card Transactions

PCI Standard stands for Payment Card Industry Standard and is a rule book for payment transactions concerned with the processing of credit card payments. It was developed by Visa and MasterCard. The regulations are binding for all card acceptance companies as well as all card brands.

The latest version was released on October 26th 2010 and came into effect on January 1st 2011. It consists of 12 requirements to the companies' networks and covers all relevant areas. In the following passage we will focus on a small overview over the most important questions for online merchants in connection with the PCI-Standards. The detailed PCI-Regulations may be consulted directly at the PCI-committee (http://de.pcisecuritystandards.org/minisite/en/).

When Do You Need a PCI-Certification?

As soon you process, save or transmit credit card data, PCI-compliancy is obligatory. The PCI-standard differentiates between four different levels depending on the amount and kind of the processed transactions and the respective card organisation.

For more detailed information on which PCI-level you must fulfill please contact your Payment Service Provider directly.


The compliance with the regulations is very important. Besides harsh damage to the image, a violation can lead to liability exposure.

Refrain from unauthorised implementations or modifications. When purchasing payment modules, it is worth paying attention to the recommendations of Payment Service Providers - All payment modules by sellXed have officially been recommended for usage.

Are the sellXed Payment Modules PCI-Compliant?

Unless otherwise marked (see Server Authorisation further below), all payment modules by sellXed offer only PCI-compliant authorisation methods. By using these payment processing methods you profit from the certification of your Payment Service Provider and therefore save on additional personal certification costs.

Do the sellXed Plugins also Offer the Possibility of „Self-Hosted“ Payment Page?

Besides the PCI-compliant integrations, some modules also offer payment processing via the so-called „Server Authorisation“. Using this authorisation method necessitates the fulfillment of further requirements in regards to your infrastructure, provided that you are processing PCI-relevant data. Before implementing this method, please contact us and your Payment Service Provider.