Managing cardholder data and navigating the obligations and responsibilities of this can be very complex. Our Merchant Trust Initiative (MTI) is designed to simplify the process by giving you the knowledge and tools to enhance security within your business while obtaining PCI compliance.

If you have any questions about Cybersercurity, privacy and how you can protect your business, submit a question  to our experts below.

internet security

Easy to use portal

A step-by-step guide through the Self-Assessment Questionnaire (SAQ) to ensure you process payments securely and what areas need to be reviewed.

Endpoint protection

Endpoint protection is included with your subscription to the MTI and will protect your business computers against unknown threats such as viruses, adware, Trojan horses and worms.

Security Alerts

You will be one of the first to know about new vulnerabilities that may impact your business and what steps you can take to ensure your protection.

Technical support

24/7 Human Support

If you need help with the SecureTrust portal, completing your SAQ, and the included security tools (endpoint protection, vulnerability scanning)  you can call 1800 370 782 or email support.

eWAY Business Security MTI Features


Cyber Liability Insurance

Your MTI membership secures you an exclusive discount on Cyber Liability insurance with Bizcover. Click here to apply now. Terms and conditions apply.

Be trusted

By following the step-by-step guide you can take steps to ensure that your customers personal and payment card data is secure. This will build trust and continued loyalty from your customers.

internet security

SecureTrust PCI Manager

An all-in-one solution that helps your business attain PCI DSS compliance through a simple easy to use portal.

Watch a video to get started with SecureTrust PCI Manager.

Technical support

Access SecureTrust’s Platform

Access to SecureTrust’s cyber security and PCI compliance platform, including vulnerability and network security tools, security awareness training and endpoint monitoring.

Expert consultancy program

A cybersecurity expert will guide and support you through any questions and assist you to attain PCI DSS compliance. 15 minutes, at a day and time that suits you will set you up for security success.

eWAY merchant

PCI Infographic

Frequently Asked Questions

What is PCI DSS Compliance?

The Payment Card Industry Data Security Standard (PCI-DSS) was created to ensure there is a consistent set of standards for the processing, handling and storing of sensitive credit card information. PCI-DSS compliance can be extremely complicated and challenging. However, at eWAY, we aim to help our customers navigate the standards by providing tools to help increase your security and ensure compliance is met.

Which businesses are required to be compliant?

Every business that handles cards, from major enterprises to the smallest businesses, regardless of their size or transaction volume, must ensure they are compliant with the requirements in the PCI DSS. Not doing so may result in suspension from processing cards from certain providers. By staying compliant with PCI DSS requirements, you can be confident that you are doing the right thing by your customers.

How do I know if I’m already PCI DSS compliant?

If you complete a yearly assessment of your PCI DSS status, which is completed using a Self-Assessment Questionnaire (SAQ) accurately, and your assessment shows you have no outstanding actions, then you are PCI-DSS compliant. If you have a portal or e-commerce website, this will include providing evidence of quarterly vulnerability scans from an PCI-SSC approved scanning vendor.

Who is SecureTrust?

We have partnered with SecureTrust, a division of Trustwave, who are global leaders in cyber security and PCI Compliance programs to deliver the Merchant Trust Initiative.

Can I opt out of the initiative?

It is mandatory for all merchants who accept credit cards to be compliant with the PCI Data Security Standard, and this applies regardless of size or how they accept payments. This is not just limited to completing a Self-Assessment Questionnaire (SAQ), but requires a number of steps and regular scans to ensure obligations are met. This is where the Merchant Trust Initiative helps you simplify the steps within the process. If you are already able to show your compliance from another provider, or choose to opt out, click here. The form will outline your obligations as a customer of eWAY, so please ensure you understand and meet all these requirements prior to opting out.

I thought by being with eWAY, I was already PCI DSS compliant?

eWAY is Level 1 PCI DSS compliant business. However there is a point prior to any of this data being entered into our systems that merchants have an obligation to protect card information. This is part of the reason we have launched the Merchant Trust Initiative – to educate and increase knowledge around these obligations to ensure better cybersecurity and data protection practices.

Where can I get more information about the card scheme rules around PCI DSS compliance?

Each of the card schemes have rules that apply to different members of the supply chain within the payment card industry. The following list from each of the card scheme members outlines their specific rules.

  • Visa MasterCard
  • American Express
  • Discover Financial Services
  • JCB International

What are the penalties for PCI DSS non-compliance?

Fines for PCI DSS non-compliance can range from $5,000 to $100,000 per month per violation.

How long do I have to become compliant?

You will have 12 months to complete your certification using the SecureTrust PCI Manager.