It’s no secret that online vendors are susceptible to credit card fraud and so credit card companies have long sought for ways to curtail this. All fulfillment vendors are required to adhere to the requirements set by the PCI Security Standards Council, without exception.
We adhere to PCI Compliance and follow the PCI security compliance requirements specified by the Payment Card Industry Program. These are a set of procedures designed to ensure financial data security and minimize credit card fraud in online transactions.
Transmission of a cardholder data across open public networks such as from a shopping cart to our Warehouse Management System (WMS) must be encrypted. We ensure this PCI compliance by insisting this data be encrypted in the fulfillment order files our clients send us daily from their shopping carts or internal applications.
PCI Compliance also stipulates that merchants maintain a detailed log of who has access and who looked at that data. This become crystal clear when you consider that many merchant compromises are not limited to hackers, but also stem from employees. We maintain a security data access log as part of our PCI security compliance, and we further that by performing background tests on our employees.
We also restrict access to cardholder data as part of our PCI compliance. The data is encrypted in our WMS. The data is purged, and each user’s access to the secure data is recorded.
We realize this is a lot of technical details – yet another benefit for you in using a Fulfillment partner such as us! We handle this and so much more so you don’t have to.
PCI security compliance requirement
- Install and maintain a firewall configuration to protect cardholder data
- Do not use vendor-supplied defaults for system passwords and other security parameters
- Protect stored data
- Encrypt transmission of cardholder data across open, public networks
- Use and regularly update anti-virus software
- Develop and maintain secure systems and applications
- Restrict access to cardholder data
- Assign a unique ID to each person with computer access
- Restrict physical access to cardholder data
- Track and monitor all access to network resources and cardholder data
- Regularly test security systems and processes
- Maintain a policy that addresses information security
Losses due to fraudulent payments are greatly diminished with the use of PCI compliance, and your consumers are happy and confident knowing we provide the security they seek when placing fulfillment orders online.