PCI DSS

Compass is PCI DSS Level One compliant.
Is your school management system provider?

Payment Card Industry Data Security Standard (PCI DSS)

Compass has achieved Level One compliance with the Payment Card Industry Data Security Standard (PCI DSS) - a key indicator of our commitment to ensuring the data of those who use Compass is kept secure.

Our team works every day to maximise the security and protection of our customers’ data. PCI DSS is a key part of our broader information security strategy, so we’re extremely proud to have achieved full Level One compliance.

The assessment process involved a rigorous five month review of the company's information security posture, and included not only interrogation of our governance approach. But also penetration testing of our payment platform software by an independent security firm.
We understand that schools demand service providers who take compliance seriously, and my feeling is that this assessment demonstrates that commitment.

What is PCI DSS compliance?

The Payment Card Industry Security Standards Council (PCI SSC) is an independent body founded in 2006.

PCI DSS compliance refers to a comprehensive set of security standards, requiring that any organisation that stores, processes, or transmits customer credit card information maintains strict controls and a secure environment. In order to achieve compliance, an organisation must demonstrate that they have implemented a number of mandated objectives, relating to technology design, network and physical data security.

Explore Features

Why is PCI DSS compliance important?

As Compass continues to expand its offerings for schools, parents and carers in Compass school communities, the number of payments processed by Compass has grown.

For example, using our new Canteen module, parents can now order and pay for school lunches through Compass. Similarly, we will be introducing the ability for parents to pay for events from the Compass app. Processing these payments, and indeed, offering  great functionality like the ability for users to save their credit card details within our app, requires PCI DSS compliance.

Just as schools have a diverse range of regulation requirements they must meet, good providers to schools should endeavour to ensure they too are fully compliant.

Explore Features

Is your school management system PCI DSS compliant?

You can search search the Visa Global Registry of Service Providers and the Mastercard list of payment facilitators to see whether your school management system is a validated provider. You should also look out for the 'On the list! 2019' logo on the site of providers.

You can find more information about what it means to be on the Visa Global Registry here. The Visa Global Registry of Service Providers explains the importance of being on the registry:

Explore Features

Peace of mind, with market leading safety and security features

The Compass platform is fully cloud-based allowing your school community to access information on the go through their mobile, tablet, laptop or PC.

The platform is scalable with extensive configuration options allowing you to tailor the platform to suit your needs. With adherence to strict safety and security standards, the platform supports learning outcomes, while keeping student data safe and secure.

Explore Features

Are you concerned about compliance in your school?

If compliance regulations are something you are concerned about in your school, Compass has produced a handy Compliance Checklist that will guide you through the necessary first steps you should take to ensure your school is compliant.

You can download our Compliance Checklist by clicking the button below.
Compass is an all-in-one school management system working with over 1,800 schools in Australia to improve learning outcomes, drive operational efficiencies, and increase parent engagement.

If you want to discover more about Compass, please get in touch with one of our product experts below.