
Optimizely Blog


The total volume of online transactions has grown at breakneck speed over the last decade and is showing no signs of slowing down, as consumers increasingly purchase products, services and content on the web. In fact, it is estimated that there will be over 2 billion digital buyers worldwide by 2019. However, shopping-cart abandonment is a major problem for online businesses, with an average abandonment rate higher than 74%. Even a small improvement in checkout completion rate through experimentation and personalization can translate into a significant impact on the bottom line.

As businesses in e-commerce, retail, travel, media and high tech increasingly process credit card information and payment data online, the threat of data breaches grows in parallel. The Ponemon Institute estimates that the average total cost of a data breach is over $4 million in lost business. Companies are also faced with diminished credibility and can be subject to numerous financial liabilities and fraud losses.

As a result, security and compliance have become a top concern of IT teams and consumers alike, across industries such as retail, travel, and media. However, you should not have to compromise between security and performance of your purchase process.

That’s why today, we are delighted to announce that Optimizely X now meets the demanding security standards for online payment processing with PCI compliance. Customers can now experiment with Optimizely X everywhere in the purchase funnel on their PCI-compliant website, from the initial landing page all the way through to the credit card checkout flow.

What is PCI?

The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle branded credit cards from the major card schemes including Visa, MasterCard, American Express, Discover, and JCB. The PCI Standard is mandated by the card brands and administered by the Payment Card Industry Security Standards Council. The standard was created to increase controls around cardholder data to reduce credit card fraud.

Which standard does Optimizely comply with?

Optimizely X is compliant with the standard “PCI Data Security Standard version 3.2 Level 2 Service Provider”. This means we adhere to the security requirements specified in the standard.  

Which Optimizely products are PCI compliant?

The following products are now PCI compliant:

For more information on PCI, visit

Optimizely X