Security and Compliance at Sezzle
Sezzle is PCI DSS Level 1 Certified
Sezzle is a PCI DSS Level 1 certified compliant Service Provider organization. We recommend that consumers and merchants ensure they are working with a Level 1 certified compliant organization. Level 1 certification ensures that an external auditor has fully assessed the ability of the organization.
PCI DSS is a comprehensive set of requirements created by the Payment Card Industry Security Standards Council to enhance cardholder data security and to ensure the safe handling and storage of sensitive customer credit card information and data.
Sezzle’s PCI DSS responsibilities as a Service Provider are outlined in our Level 1 Report on Compliance (ROC) and our Level 1 Attestation of Compliance (AOC), as independently audited and reported by Sezzle’s Qualified Security Assessor (QSA). Sezzle’s Attestation of Compliance (AOC) is submitted to Sezzle’s acquiring bank(s).
There are 4 levels of PCI compliance:Level 1: Over 6 million card transactions per year. External audit required for compliance. (Sezzle is Level 1)
Level 2: 1 to 6 million transactions per year. Only a self-assessment is required for compliance.
Level 3: 20,000 to 1 million transactions per year. Only a self-assessment is required for compliance.
Level 4: fewer than 20,000 transactions per year. Only a self-assessment is required for compliance.
More information can be found on the official PCI org website: