In simple terms, PCI DSS is a scheme where the payment card industry has put into place extra safety checks and security so that compliant merchants, such as Wired2Fire Ltd, can offer the safest possible form of payment card processing and keep you protected from Card Fraud.
Requirements
Control Objectives | PCI DSS Requirements |
---|---|
Build and Maintain a Secure Network | 1. Install and maintain a firewall configuration to protect cardholder data |
2. Do not use vendor-supplied defaults for system passwords and other security parameters | |
Protect Cardholder Data | 3. Protect stored cardholder data |
4. Encrypt transmission of cardholder data across open, public networks | |
Maintain a Vulnerability Management Program | 5. Use and regularly update anti-virus software on all systems commonly affected by malware |
6. Develop and maintain secure systems and applications | |
Implement Strong Access Control Measures | 7. Restrict access to cardholder data by business need-to-know |
8. Assign a unique ID to each person with computer access | |
9. Restrict physical access to cardholder data | |
Regularly Monitor and Test Networks | 10. Track and monitor all access to network resources and cardholder data |
11. Regularly test security systems and processes | |
Maintain an Information Security Policy | 12. Maintain a policy that addresses information security |
Compliance
Wired2fire maintains PCI Version 2.0 compliance and we are assessed annually for compliance. We are also subject to quarterly vulnerability scans to check all our card processing systems are secure. Wired2Fire operates its PCI DSS in collaboration with Securitymetrics, an industry-leading Data security and Compliance company.
Card Processing
All our card transactions are processed by Sage Pay, the leading online card payment provider in the UK. Sage Pay provides advance payment fraud screening protection to ensure that your card data remains secure. We also operate 3D Secure password protected card payments to reduce card fraud.