Cloudflare Certified at the Highest Level of Payment Card Industry (PCI) Compliance
Independent assessor finds Cloudflare’s Web Application Firewall (WAF) helps companies meet PCI requirements
San Francisco, CA, June 4, 2014
Cloudflare, the leading Web performance and security company, announced today that it has undergone a Payment Card Industry (PCI) Data Security Standard (DSS) 2.0 security control assessment, and that it has been certified as a Level 1 service provider—the highest level of certification. Cloudflare is also announcing to customers seeking PCI compliance, either as merchants or service providers, that they can now utilize Cloudflare’s Web Application Firewall (WAF) to meet Requirement 6.6 of PCI DSS 2.0 and PCI DSS 3.0.
PCI DSS is a worldwide payment card security standard. The requirements of this standard are designed to optimize the security of digitally-transferred user information. This recent certification not only benefits Cloudflare and its customers, but it also helps protect online consumers making purchases on a site within the Cloudflare network.
“Cloudflare’s mission is to build a better Internet. Critical to that is ensuring our network meets the highest standards for security,” explained Matthew Prince, co-founder and CEO of Cloudflare. “Being Level 1 certified means our clients are assured that their data is secure while it travels across Cloudflare’s global network. Moreover, we’re proud that our state-of-the-art web application firewall is now certified to help our customers meet their own PCI requirements.”
With tens of thousands of [e-commerce](https://www.cloudflare.com/ecommerce/) and financial service companies relying on Cloudflare to keep them [fast and safe](https://www.cloudflare.com/solutions/ecommerce/optimization/) online, Cloudflare is staying on top of the latest procedures and compliance requirements in the payment card industry so it can provide stellar service to clients like Gilt Groupe, Elance/oDesk, NASDAQ Private Market and eHarmony.
Cloudflare achieved the highest level of PCI compliance while still allowing for expansion of the company’s rapidly growing network of global data centers. Over the coming weeks, Cloudflare will turn up four new data centers in Madrid, Spain; Milan, Italy; Medellin, Columbia; and São Paulo, Brazil.