Everyone is concerned about credit card security these days and for good reason. Both consumers and businesses suffer when the security of credit card transactions is breached.
Jenica has selected the E-Commerce components we provide with security uppermost in our minds. Our Merchant Accounts, Payment Gateways, Hosting and Shopping Cart software are certified to meet the appropriate PCI DSS and CISP compliance guidelines. We have the knowledge and expertise to help you become PCI compliant as well.
- Secure SSL Certificates - The first step in meeting customer security concerns is to secure your website with an SSL certificate. Using encrypted communications between your website and your customers' browsers is not enough. The SSL certificate verifies that they have reached your website and not an imposter.
- PCI Compliance Scanning - In addition to meeting the stringent requirements demanded by the credit card industry, PCI compliance scanning inspires confidence in your customers, leading to more sales and fewer basket abandonments.
- PCI DSS Certified Shopping Carts - All the security in the world is wasted if your shopping cart software does not meet the PCI DSS requirements for secure credit card transaction processing. Our shopping cart software has undergone rigorous testing and certification.
- Merchant Account and Payment Gateway - Last but not least, our Merchant Account processing partners have been selected to exceed the payment card security standards with end-to-end encryption of cardholder data and ultra-secure off-site storage of sensitive data.
PCI DSS Requirements
The twelve PCI DSS requirements catalog best practices that
businesses should follow when handling customers’ payment cards or
payment card information. They are broken down into six different
Build and Maintain a Secure Network
- Requirement 1: Install and maintain a firewall configuration to protect cardholder data
- Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
Protect Cardholder Data
- Requirement 3: Protect stored cardholder data
- Requirement 4: Encrypt transmission of cardholder data across open, public networks
Maintain a Vulnerability Management Program
- Requirement 7: Restrict access to cardholder data by business need-to-know
- Requirement 8: Assign a unique ID to each person with computer access
- Requirement 9: Restrict physical access to cardholder data
Regularly Monitor and Test Networks
- Requirement 10: Track and monitor all access to network resources and cardholder data
- Requirement 11: Regularly test security systems and processes
Maintain an Information Security Policy
- Requirement 12: Maintain a policy that addresses information security
The first version of PCI DSS was introduced in September 2006. At
this time, the PCI Security Standards Council (PCI SSC) established a
continual two-year cycle of review and revision of PCI DSS. This fall,
the PCI SSC released PCI DSS Version 2.0, which included existing
requirement clarifications, additional guidance and minor changes to
evolving PCI DSS requirements. Any merchant submitting a report of PCI
DSS compliance after December 31, 2010 must comply with PCI DSS Version
Merchants fall under four categories of PCI compliance, depending on
the number of transactions they process each year, and whether those
transactions are performed from a brick-and-mortar location or over the
Internet. All merchants that process credit cards—whether small or
large—must be PCI compliant.