Authvia maintains PCI DSS Level 1 compliance (version 4.0) to ensure the highest level of security for payment method data. Our platform is designed to provide PCI mitigation while minimizing your PCI scope and providing secure payment processing capabilities.

For detailed information about our compliance certifications, visit trust.authvia.com.

Sensitive Data Handling

Never returned in API responses:

Full card numbers
CVV codes
PIN numbers
Full account numbers
Routing numbers

Safe to return:

Last 4 digits of cards/accounts
Card brand (Visa, Mastercard, etc.)
Expiration dates
Account types
Token references

Security Scopes

`payment_method:pci` Scope

Required for operations that involve sensitive payment data:

Creating payment methods with full card/account details
Updating CVV on existing credit cards
Bulk operations involving sensitive data

⚠️
Important: This scope requires a valid PCI attestation of compliance, annually. Contact support@authvia.com to get this scope granted.