Skip to main content


Information Security

Rapyd handles and maintains sensitive information in accordance with the most stringent PCI standards.

PCI Level 1

The Payment Card Industry (PCI) has established strict security requirements for the processing, handling, transmission and storage of sensitive data that is required for processing card transactions when the card is not present. The requirements are set forth in the PCI Data Security Standard (DSS). For further information, see PCI Security Standards Council.

Rapyd has passed stringent independent onsite assessments by a Qualified Security Assessor and is certified as a Level 1 service provider.

Rapyd and PCI-compliant clients can handle the following sensitive personal data:

  • Name

  • Card number

  • Expiration date

  • Card security code (CVV)

Clients without PCI certification must not collect any sensitive personal data and cannot use features of the Rapyd platform that require that data. To handle card transactions without PCI certification, use hosted pages.