Certification and compliance
Azure maintains the largest compliance portfolio in the industry. For details, see Microsoft Azure Compliance Offerings. Each offering description provides an up to-date-scope statement and links to useful downloadable resources.
Azure payment HSM meets following compliance standards:
- PCI DSS
- PCI PIN
- PCI 3DS
- CSA STAR Certification
- CSA STAR Attestation
- ISO 20000-1:2018
- ISO 22301:2019
- ISO 27001:2013
- ISO 27017:2015
- ISO 27018:2019
- ISO 27701:2019
- ISO 9001:2015
- SOC 1, 2, 3
- Germany C5
To download latest certification and attestation reports, go to Service Trust Portal Home Page (microsoft.com).
For example, the latest PCI certification reports and shared responsibility matrices are:
- Azure - PCI PIN 3.1 Package (September 2023) (2023-09-14)
- Azure PCI DSS V4.0 (2024-03-27)
- Azure PCI 3DS V1.0 (2024-03-27)
Thales payShield 10K HSMs are certified to FIPS 140-2 Level 3 and PCI HSM v3.
Next steps
- Learn more about Azure Payment HSM
- See some common deployment scenarios
- Read the frequently asked questions