Payment Card Industry (PCI) compliance refers to the technical and operational standards that businesses must follow to ensure credit card data provided by cardholders is protected. PCI compliance is enforced by the PCI Standards Council (PCI SSC), and all businesses that store, process or transmit credit card data electronically are required to follow the requirements set by the Payment Card Industry Data Security Standard (PCI DSS).
FreshBooks is PCI compliant, and we regularly undergo audits with a third-party auditor to ensure we remain PCI compliant along with specific Security & Reliability Safeguards implemented here. In addition, our Terms of Service also cover our PCI DSS requirements here.
Credit Card Information
Cardholder data are handled in a PCI compliant manner, including FreshBooks Subscriptions, Recurring Payments and Advanced Payments.
If credit card information is entered anywhere in your account, like Notes or Terms on Invoices, or on Client Profiles’ Internal Notes, it will be automatically redacted with XXXXs. Credit card details can only be entered in the payment fields provided when upgrading/downgrading your subscription, when paying an Invoice or when using Advanced Payments. If the string of numbers is not cardholder data, enter the number with different characters and symbols instead.