Google Cloud Platform meets the requirements for PCI DSS
What is PCI DSS?
The Payment Card
Industry (PCI) Security Standards Council was established by the major credit
card companies as a separate global organization to define appropriate practices
that merchants and service providers should follow to protect payment cardholder
data. The PCI Security Standards Council created the
PCI Data Security Standard (DSS)
to define a global information security standard for protection of payment
The following Google Cloud Platform services have been reviewed by an independent
Qualified Security Assessor and determined to be PCI DSS 3.2 compliant. This means that these services provide an infrastructure upon which customers may build their own service or application which stores, processes, or transmits cardholder data. Customers are responsible for ensuring that their applications are PCI DSS compliant, but they can rely on Google Cloud Platform's compliance for the infrastructure and platform components it provides. Learn more about this shared responsibility between Google and its customers.