Skip to main content
As a processor of card payment and cardholder data, we are committed to ensuring the proper and secure handling of client data with multiple security controls in place. Our architecture is developed to have multiple layers of protection, including, but not limited to, secure data transfer, encryption, network configuration, and application-level controls.  PEX has a level I PCI DSS certification and is regularly audited to ensure full compliance. The PCI Attestation of Compliance (AoC) is available upon request for existing/onboarding clients. In addition to our internal controls, PEX makes multiple tools available to help clients ensure that their accounts are secure. Some of these tools include: PEX also performs a comprehensive review of all our processes and controls in place to protect our client’s data. An external version of our SOC 2 report is also available upon request for existing/on-boarding clients.*  If you have any questions about PEX’s security practices, or wish to request additional information, please contact your sales representative, client services representative or PEX administrator support
Last modified on April 22, 2026