Payment Card Industry Data Security Standard Compliance: If you want a telephilanthropy partner that meets the requirements set out by Visa, Mastercard, American Express, and Discover for protecting your merchant account status when allowing commitments to be paid by credit card, DirectLine is the only proven choice.
- Every Pledge recorded and verified;
- PCI/DSS Compliant (Third Party Servicer, Level 2);
- Real-time access to data;
- Guaranteed Performance.
Why is it essential that you use a vendor who is PCI DSS compliant?
Over the last few years there have been a variety of initiatives brought forth by each of the different credit card networks. In December 2004, the Card Associations came together to create a single security program to set a single standard: the Payment Card Industry Data Security Standards (PCI DSS). This alliance is recognized by all payment card brands. Organizations who accept any of these cards must participate in this program.
Your merchant card network requires that you comply with PCI DSS, and utilize only PCI DSS certified vendors. Any vendor, with which you choose to do business, that collects credit card information on your behalf, must be able to provide proof of their PCI DSS compliance.
The PCI Standard states that all merchants (you) who "process, store or transmit" cardholder data, and any vendor used by a merchant, must be in compliance. Any merchant or vendor who could expose cardholder data or has a public IP address needs to demonstrate compliance with PCI DSS requirements. DirectLine Technologies does not accept credit cards and thus has no merchant liability. However, our clients who accept credit cards do have liability, and under merchant agreements with the Payment Card Industry members those clients must also insure that their service providers are certified as compliant.
Fines are being imposed by MasterCard and Visa when card data is compromised. The fines can be as much as $250,000 per incident depending on the amount of compromised information. The card companies state that if a merchant is compromised and it is determined that they or their vendors were not in compliance, a fine will be imposed.
DirectLine is a Level 2 TPS (Third Party Servicer) compliant with the PCI DSS standards by McAfee Secure, the world's largest authorized PCI scanning service. This is to insure your compliance as mandated by your agreements with payment card issuers. Because of the small number of credit card transactions processed by DirectLine Technologies, Inc. we are a Level 2 TPS. Listing in the Visa Global Registry of Service Providers is limited to Level 1 Service Providers.) Click on the "PCI Security Requirements" menu to view the Visa supplied documentation.
*Scan results valid for 90 days from date of scan (valid through September 22, 2013).
The following websites can provide you with detailed information on the requirements of the program: www.visa.com/cisp and https://sdp.mastercardintl.com.
|