Security of Wix's Billing Services and PCI Compliance | Help Center

Learn how to use Wix to build your site and business.

Design and manage your site using intuitive Wix features.

Manage subscriptions, plans and invoices.

Run your business and connect with members.

Learn to purchase, connect or transfer a domain to your site.

Get tools to grow your business and web presence.

Boost your visibility with SEO and marketing tools.

Get advanced features to help you work more efficiently.

Find solutions, learn about known issues or contact us.

Improve your skills with our courses and tutorials.

Get tips for web design, marketing and more.

Learn to increase organic site traffic from search engines.

Build a custom site using our full-stack platform.

Get matched with a specialist to help you reach your goals.

Security of Wix's Billing Services and PCI Compliance

5 min

In this article

PCI Compliance
ISO Compliance
TLS Certification
FAQs

The security of our users' sensitive data is of extreme importance to us here at Wix and we are 100% committed to protecting it.

PCI Compliance

The PCI DSS is an information security standard for organizations or companies that accept credit card payments. This standard helps to create a secure environment by increasing cardholder data, thus reducing credit card fraud.

Wix is Payment Card Industry Data Security Standards (PCI DSS) compliant and is accredited as a Level 1 service provider and merchant. Wix’s PCI DSS compliance is assessed by an external company, and we are audited on a yearly basis in order to align with PCI standards.

Wix PCI applications are running in a dedicated environment - with segregation from other product flows and servers - suitable for the highest PCI standards.

Within our PCI environment, we maintain the highest standard of encryption and storage measures using a FIPS 140-2-certified HSM (Hardware Security Module). Our users’ data at rest encryption utilizes AES-256, the industry’s most broadly used encryption method.

ISO Compliance

ISO 27001 Compliance
Wix has been audited and certified as ISO 27001 compliant. The ISO 27001 certification outlines industry best practices for managing security risks.

ISO 27701 Compliance
Wix has been audited and certified as ISO 27701 compliant. The ISO 27701 certification outlines industry best practices for privacy information management.

ISO 27017 Compliance
Wix has been audited and certified as ISO 27017 compliant. The ISO 27017 certification outlines industry best practices for security techniques in a public cloud computing environment.

ISO 27018 Compliance

Wix has been audited and certified as ISO 27018 compliant. The ISO 27018 certification outlines industry best practices for security techniques for PII protection in a public cloud computing environment.

ISO 27032 Compliance

Wix has been audited and certified as ISO 27032 compliant. The ISO 27032 certification outlines industry best practices for information security system management in a cyberspace environment.

ISO 27035 Compliance

Wix has been audited and certified as ISO 27035 compliant. The ISO 27035 certification outlines industry best practices for security incident management.

TLS Certification

Transport Layer Security (TLS) is a protocol that helps protect your online financial transactions by ensuring secure communication over a network

The PCI Council states that any organization handling payment card transactions must use TLS 1.2 or higher in order to meet PCI DSS compliance standards.

Wix uses Transport Layer Security and does meet PCI DSS compliance standards.
We allow a minimum of TLS 1.2 so that out-of-date devices or browsers can access the website on your domain when they try to view it. At the same time, our sites allow the latest version of TLS for browsers which support it.

Visitors with older browsers may be able to visit your site, however, if their older device protocols don’t meet PCI security standards, they may not be able to complete a transaction.