Gravity Payments PCI DSS Documentation

Gravity Payments Compliance and Security Resources

Gravity Payments is committed to helping merchants meet their compliance obligations and maintain confidence in the security of their payment environments. Our Trust Centers are designed to make it easy for your organization to access the documentation, certifications, and attestations often requested during PCI DSS assessments, vendor due diligence, or internal security reviews.

Within the Trust Centers, you can quickly find:

PCI DSS and NACHA Responsibility Matrices – to understand which PCI DSS and ACH security requirements are managed by Gravity Payments and which remain your responsibility (PCI DSS Requirement 12.8.5).

Attestations of Compliance (AOC) –  to provide your assessor or acquiring bank as proof of Gravity Payments’ validated PCI DSS compliance.

SOC 2 Report (Gravity Portals clients only) – available to current customers upon request, providing independent assurance of Gravity Payments’ security, availability, and confidentiality controls for the Portals platform.

Security Policy Summaries – outlining how Gravity Payments safeguards sensitive data, manages system access, and responds to security incidents.

Access the Trust Center for your platform:

Emergepay Trust Center: https://trust.gravitypayments.com
(For merchants using Emergepay payment integrations, POS, or API-based solutions.)

Portals Trust Center: https://trust.portals.gravitypayments.com
(For merchants using Gravity Payments’ Portals web-based billing and customer account platform.)

If you’re unsure which platform your business uses or what documentation you need for your next compliance review, please contact your Gravity Payments representative or email [email protected]