Solution Summary
The Payment Card Industry (PCI) Data Security Standards (DSS), a set of comprehensive requirements for enhancing payment account data security, was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. International, to help facilitate the broad adoption of consistent data security measures on a global basis.
The core of the PCI DSS is a group of principles and accompanying requirements, around which the specific elements of the DSS are organized. PCI DSS consists of twelve requirements organized into six different groups.
- Build and Maintain a Secure Network
- Protect Cardholder Data
- Maintain a Vulnerability Management Program
- Implement Strong Access Control Measures
- Regularly Monitor and Test Networks
- Maintain an Information Security Policy
The SWITCHWARE® Enterprise Transaction Processing and Management System incorporates cardholder data used to validate and authorize EFT transactions processed by the system. In accordance with the PCI DSS standards, a number of solutions have been developed to protect this sensitive cardholder data:
- Limiting access to the data
- Providing user audit trails
- Developing triggers that remove sensitive cardholder data from the stored transactions
- Data masking of critical system data
- Integration with database level encryption techniques
Please contact us for our PCI DSS compliance statement.
Full List of PA-DSS Validated Applications
Current Status
PCI S3 Framework- Our technical team recently worked with the assigned PCI-QSA auditor to validate and satisfy the requirements needed for the new PCI S3 Framework (which replaces the PA-DSS audit). Our validation is expected to complete with PCI Security Standards Council in 2023.
PA-DSS 3.2 – Our technical staff validated and satisfied the requirements needed for the PA-DSS version 3.2 with PCI Security Standards Council on September 24th, 2018.