Are 20i PCI compliant?

Ben Gayson
Published: 6 February 2018Last updated: 22 April 2025
Share:

20i maintains PCI-compliant certification for handling our own transactions. In addition to this, our hosting infrastructure is located within PCI-compliant data centres that consistently pass PCI vulnerability scans. We follow PCI best practices, ensuring our web servers meet all necessary standards to maintain a secure and compliant environment.

How to Perform PCI Scans for Your Website

When performing PCI compliance scans, it is essential to scan your website’s domain name - not the IP address.

  • Scanning the IP address will target 20i’s load balancers instead of your actual website, which will result in scan failures.
  • Scanning the domain name ensures the check is run correctly against the live site itself.

Best Practices for Website PCI Compliance

  • Use a valid and up-to-date SSL certificate to secure data in transit.
  • Keep your site running on an up-to-date version of PHP.
  • Ensure all website software (CMS, plugins, themes, etc.) is fully updated and uncompromised.