PCI DSS Compliant

What is PCI DSS?

The PCI DSS, a comprehensive set of requirements for maintaining payment account data security, was developed by the founding payment brands of the PCI Security Standards Council, including Visa Inc. International, American Express, JCB International, MasterCard Worldwide and Discover Financial Services, to facilitate the broad adoption of consistent data security measures on a global basis.

The PCI DSS is a multifaceted security standard that consists of requirements for security management, procedures, policies, software design, network architecture and other indispensable security measures. The standard was developed to help organizations proactively secure customer account data.

Our PCI DSS Service Provider

CardPay partners with Vectra for its PCI DSS compliance. Every year CardPay goes through a rigorous security assessment that covers every aspect of the security standards and policies we are required to implement. PCI DSS brings together the security standards of all the main credit card associations, so by being PCI DSS compliant CardPay meets all of the essential security standards. If you need more information on each association's requirements, please visit their websites.

Covering the Basics

PCI DSS compliance covers some of the most important and basic classes of vulnerability in this business, i.e. API Abuse, Authentication, Access Control, Code Quality, Code Permissions, Cryptography, Environmental Security, Error Handling, General Logic Error and Input Validation, as they apply to the systems in question. They can be traced back to the original 12 requirements of Visa CISP:

  1. Install and maintain a firewall to protect data
  2. Keep security patches up to date
  3. Secure stored data
  4. Encrypt data sent across networks
  5. Use and update antivirus software at all times
  6. Restrict access to "need to know"
  7. Assign unique IDs to all users
  8. Modify pre-set security settings of 3rd party vendor software
  9. Trace all access to data by unique IDs
  10. Test your security systems and policies on a regular basis
  11. Enforce and maintain an information security policy
  12. Restrict physical access to data

CardPay provides a secure online payment processing service.

Apply for free now

We'll give you same day approval for your application.