Understanding PCI compliance and security measures for payment methods
Authvia maintains PCI DSS Level 1 compliance (version 4.0) to ensure the highest level of security for payment method data. Our platform is designed to provide PCI mitigation while minimizing your PCI scope and providing secure payment processing capabilities.
For detailed information about our compliance certifications, visit trust.authvia.com.
Sensitive Data Handling
Never returned in API responses:
- Full card numbers
- CVV codes
- PIN numbers
- Full account numbers
- Routing numbers
Safe to return:
- Last 4 digits of cards/accounts
- Card brand (Visa, Mastercard, etc.)
- Expiration dates
- Account types
- Token references
Security Scopes
payment_method:pci Scope
payment_method:pci ScopeRequired for operations that involve sensitive payment data:
- Creating payment methods with full card/account details
- Updating CVV on existing credit cards
- Bulk operations involving sensitive data
Important: This scope requires a valid PCI attestation of compliance, annually. Contact [email protected] to get this scope granted.