Subscribe to receive notifications of new posts:

CloudFlare is PCI Certified

2014-06-04

1 min read

Great news for everyone using CloudFlare on an e-commerce site, or a site accepting or processing credit card transactions.

After undergoing a Payment Card Industry (PCI) Data Security Standard (DSS) 2.0 security control assessment, we’ve been certified as a Level 1 service provider. Achieving Level 1 status requires an assessment of our security controls by an independent third party—a Qualified Security Assessor (QSA).

Additionally, CloudFlare’s Web Application Firewall (WAF) helps companies meet PCI requirement 6.6. Our WAF not only helps protect our customers from application layer attacks, but also secures the data of online consumers making purchases on sites within the CloudFlare network.

What’s even better is that we’ve achieved Level 1 PCI compliance while still allowing for expansion of our global data center network. Over the coming weeks, we plan to turn on four new data centers in Madrid, Spain; Milan, Italy; Medellín, Colombia; and São Paulo, Brazil.

Stay tuned for updates on these new locations!

Have questions about CloudFlare’s PCI status? Check out this FAQ section.

Cloudflare's connectivity cloud protects entire corporate networks, helps customers build Internet-scale applications efficiently, accelerates any website or Internet application, wards off DDoS attacks, keeps hackers at bay, and can help you on your journey to Zero Trust.

Visit 1.1.1.1 from any device to get started with our free app that makes your Internet faster and safer.

To learn more about our mission to help build a better Internet, start here. If you're looking for a new career direction, check out our open positions.
PCI CertifiedPolicy & LegalWAFeCommerce

Follow on X

Matthew Prince|@eastdakota
Cloudflare|@cloudflare

Related posts