Shopify URL:


Keep store's business and customers secure

All stores powered by Shopify are PCI compliant by default so Shopify can keep payment info and business data safe.


Shopify’s compliance covers all 6 PCI standard categories and applies to every store using platforms.


1)  What is PCI?

The Payment Card Industry Data Security Standard (PCI DSS) is a security standard for organizations that handle credit and debit card information.

The standard was created to increase controls around payment data to reduce fraud.

If stores want to sell online and accept payments from Visa, Mastercard, American Express, or Discover, store's software and hosting needs to be PCI compliant.



2)  Is Shopify PCI compliant?

Yes, Shopify is certified Level 1 PCI DSS compliant.

This compliance extends by default to all stores powered by Shopify.

Shopify is very serious about securely hosting stores and have invested significant time and money to certify our solution is PCI compliant.

From annual on-site assessments validating compliance to continuous risk management, Shopify work hard to keep our shopping cart and ecommerce hosting secure. 



3)  How do stores make our store PCI compliant?

All Shopify stores using Shopify's platform are automatically PCI compliant by default.

When we choose Shopify to power our store, we can rest easy knowing that Shopify invested significant time and money to obtain our Level 1 PCI certification and that Shopify certification covers stores, their shopping cart and web hosting.

To learn more about the role of data security in customer trust, or to learn more about how to maintain compliance take a look at our PCI compliance checklist on the Shopify blog.