Is Drop PCI compliant? How does that affect me?

PCI applies to any merchant that accepts or stores any credit card data. Simply put, if any customer ever pays the merchant directly using a credit card or debit card, then the PCI DSS requirements apply.

Drop does not ask you to pay for any service directly on our platform using your credit card and therefore we don’t require the same PCI - DSS compliance that other merchants would require.


Have more questions? Submit a request


  • 1
    Ian Catto

    So this means that a company with *just* our credit card number has to be in compliance, but you have both our number and password, and because you don't "charge" money, you don't have to worry?

Please sign in to leave a comment.