Subscribe to receive notifications of new posts:

CloudFlare is PCI Certified


1 min read

Great news for everyone using CloudFlare on an e-commerce site, or a site accepting or processing credit card transactions.

After undergoing a Payment Card Industry (PCI) Data Security Standard (DSS) 2.0 security control assessment, we’ve been certified as a Level 1 service provider. Achieving Level 1 status requires an assessment of our security controls by an independent third party—a Qualified Security Assessor (QSA).

Additionally, CloudFlare’s Web Application Firewall (WAF) helps companies meet PCI requirement 6.6. Our WAF not only helps protect our customers from application layer attacks, but also secures the data of online consumers making purchases on sites within the CloudFlare network.

What’s even better is that we’ve achieved Level 1 PCI compliance while still allowing for expansion of our global data center network. Over the coming weeks, we plan to turn on four new data centers in Madrid, Spain; Milan, Italy; Medellín, Colombia; and São Paulo, Brazil.

Stay tuned for updates on these new locations!

Have questions about CloudFlare’s PCI status? Check out this FAQ section.

We protect entire corporate networks, help customers build Internet-scale applications efficiently, accelerate any website or Internet application, ward off DDoS attacks, keep hackers at bay, and can help you on your journey to Zero Trust.

Visit from any device to get started with our free app that makes your Internet faster and safer.

To learn more about our mission to help build a better Internet, start here. If you're looking for a new career direction, check out our open positions.
PCI CertifiedLegalWAFeCommerce

Follow on X

Matthew Prince|@eastdakota

Related posts