Credit Card Compliance
STRONGVON is fully compliant with the PCI to the Payment Card Industry Data Security Standard (PCI DSS), obtaining its compliance through Trustwave, the leading provider of on-demand data security and payment card industry compliance management solutions.
Payments collected by STRONGVON LLC on behalf of its clients.
Our Credit Card Service uses the payment services of SAGE PAYMENT SOLUTIONS (formerly known as Verus Card Services), a premium provider of financial services including payment gateway and Internet merchant banking. SAGE is fully compliant to the Payment Card Industry Data Security Standard (PCI DSS), so credit card transactions that go through SAGE payment gateways are well protected by the standards set by the Payment Card Industry.
Payments collected by PAYPAL on behalf of its clients.
We provide our clients with the option of using the payment services of PAYPAL, a worldwide provider of financial services including payment gateway and Internet merchant banking. PAYPAL is fully compliant to the Payment Card Industry Data Security Standard (PCI DSS), so credit card transactions that go through PAYPAL payment gateways are well protected by the standards set by the Payment Card Industry.
CONTINUE BROWSING...It's serious stuff! PCI DSS is an acronym for "Payment Card Industry Data Security Standard". Don't open yourself up to liability by ignoring such compliance, even if all you're doing is collecting the credit card details on your website! You can get shut down. There's a lot of words just to describe the standard, so we'll quote a little off the PCI Security Standard's Council's website (pcisecuritystandards.org).
"The PCI DSS, a set of comprehensive requirements for enhancing payment account data security, was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. Inc. International, to help facilitate the broad adoption of consistent data security measures on a global basis.
The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data.
The core of the PCI DSS is a group of principles and accompanying requirements, around which the specific elements of the DSS are organized:
Build and Maintain a Secure Network
Requirement 1: Install and maintain a firewall configuration to protect cardholder data
Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
Protect Cardholder Data
Requirement 3: Protect stored cardholder data
Requirement 4: Encrypt transmission of cardholder data across open, public networks
Maintain a Vulnerability Management Program
Requirement 5: Use and regularly update anti-virus software
Requirement 6: Develop and maintain secure systems and applications
Implement Strong Access Control Measures
Requirement 7: Restrict access to cardholder data by business need-to-know
Requirement 8: Assign a unique ID to each person with computer access
Requirement 9: Restrict physical access to cardholder data
Regularly Monitor and Test Networks
Requirement 10: Track and monitor all access to network resources and cardholder data
Requirement 11: Regularly test security systems and processes
Maintain an Information Security Policy
Requirement 12: Maintain a policy that addresses information security"