PCI DSS solutions

Data Security Manager (DSM)

Our PCI DSS solutions

We want you to achieve PCI DSS compliance

Data Security Manager and Proactive Security Service can help you do just that. Discover which is best for your business below. 

Data Security Manager (DSM) 

  • Automatic enrolment in this self-service option at merchant set-up
  • You'll have 90 days to complete your self-assessment and prove your compliance 
  • Ideal for businesses with a simple set-up and the time and knowledge to complete the assessment

£4.80 per month + VAT
, per level at which you attest your compliance1

1Refers to the level at which you attest your compliance, i.e. one single attestation for a number of outlets or an individual attestation for each outlet.

Proactive Security Service (PSS)

  • We’ll move you on to this fully managed service if you’re not compliant within 90 days
  • You can choose to opt in to PSS if you feel DSM isn’t right for your business
  • Ideal for businesses with a more complex set-up (e.g. trading in-store and online) and who need guidance with card security

£15 per month + VAT, per outlet2

2The monthly £15 PSS fee + VAT assumes each associated outlet will require only one software deployment – either for a ‘card present’ environment or for ecommerce. If you require both for the same associated outlet, the monthly £15 fee + VAT will be applied for each deployment. 

Extra charge alert

If you choose to opt out of PSS and not use a third party supplier you’ll be migrated back onto DSM but will immediately be charged a non-compliance charge of £25 per outlet, per month.

If you use PSS and are still not compliant in 12 months then we’ll automatically apply a non-compliance charge of £25 per outlet, per month

DSM and PSS compared

Setup support

DSM self-service

PSS managed

Access to trained advisors for general queries via online live chat or by phone


Access to a dedicated security expert to help with self-assessment and guide you through the whole assessment journey and reporting compliance, so you can get it right first time



Access to the Barclaycard portal for step-by-step advice on registration and completing your Attestation of Compliance



Ongoing support

DSM self-service

PSS managed

Timely reminders of when PCI DSS tasks are due so you don't miss deadlines and risk becoming non-compliant



Access to a Qualified Security Assessor (QSA) as a referral, if needed



Advice and guidance where data security improvements are required




DSM self-service

PSS managed

Access to an approved scanning vendor, to scan your network for vulnerability if needed



Vulnerability scans carried out on your behalf, plus cybersecurity tools to help strengthen your data environment 



Using a third-party product?

If you’re using another supplier to attest compliance, you’ll still need to tell us – and provide us with proof of your compliance. Here’s where you’ll find more information about using another provider.