PCI DSS Compliance

Compass is PCI DSS Level One compliant.
Is your school management system provider?


Compass has achieved Level One compliance with the Payment Card Industry Data Security Standard (PCI DSS) - a key indicator of our commitment to ensuring the data of those who use Compass is kept secure.

Our team works every day to maximise the security and protection of our customers’ data. PCI DSS is a key part of our broader information security strategy, so we’re extremely proud to have achieved full Level One compliance.

The assessment process involved a rigorous five month review of the company's information security posture, and included not only interrogation of our governance approach. But also penetration testing of our payment platform software by an independent security firm.

What is PCI DSS compliance?

The Payment Card Industry Security Standards Council (PCI SSC) is an independent body founded in 2006.

PCI DSS compliance refers to a comprehensive set of security standards, requiring that any organisation that stores, processes, or transmits customer credit card information maintains strict controls and a secure environment. In order to achieve compliance, an organisation must demonstrate that they have implemented a number of mandated objectives, relating to technology design, network and physical data security.

Explore Features

Why is PCI DSS compliance important?

As Compass continues to expand its offerings for schools, parents and carers in Compass school communities, the number of payments processed by Compass has grown.

For example, using our new Canteen module, parents can now order and pay for school lunches through Compass. Similarly, we will be introducing the ability for parents to pay for events from the Compass app. Processing these payments, and indeed, offering  great functionality like the ability for users to save their credit card details within our app, requires PCI DSS compliance.

Just as schools have a diverse range of regulation requirements they must meet, good providers to schools should endeavour to ensure they too are fully compliant.

Explore Features

Is your school management system PCI DSS compliant?

You can search search the Visa Global Registry of Service Providers and the Mastercard list of payment facilitators to see whether your school management system is a validated provider. You should also look out for the 'On the list! 2019' logo on the site of providers.

You can find more information about what it means to be on the Visa Global Registry here. The Visa Global Registry of Service Providers explains the importance of being on the registry:

Explore Features

Peace of mind, with market leading safety and security features

The Compass platform is fully cloud-based allowing your school community to access information on the go through their mobile, tablet, laptop or PC.

The platform is scalable with extensive configuration options allowing you to tailor the platform to suit your needs. With adherence to strict safety and security standards, the platform supports learning outcomes, while keeping student data safe and secure.

Explore Features

Are you concerned about compliance in your school?

Compass is an all-in-one school management system working with over 1,800 schools in Australia to improve learning outcomes, drive operational efficiencies, and increase parent engagement.

If you want to discover more about Compass, please get in touch with one of our product experts below.