Payment Card Industry (PCI) Compliance
Retail Pro adheres to the security standards laid out by the PCI Council for the Payment Application – Data Security Standards (PA-DSS).
PCI DSS and PA-DSS – What are they?
The PCI DSS is a comprehensive set of security requirements, agreed upon by members of the PCI Council, intended to protect consumer payment account data. The PCI Council consists of thought leaders from the payment industry, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. International, and helps facilitate broad adoption of consistent data security measures on a global basis.
PA-DSS is the Council-managed program formerly under the supervision of the Visa Inc. program known as Payment Application Best Practices (PABP). The goal of PA-DSS is to help software vendors and others develop secure payment applications that do not store prohibited data such as full magnetic stripe, CVV2 or PIN data, and ensure their payment applications support compliance with the PCI DSS.
Both the PCI DSS and PA-DSS include requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. These standards are intended to help organizations and software vendors proactively protect consumer account data.
At the core of the PCI DSS and PA-DSS is a group of principles and accompanying requirements, around which the specific elements of the DSS are organized.
These principles include:
- Build and Maintain a Secure Network
- Protect Cardholder Data
- Maintain a Vulnerability Management Program
- Implement Strong Access Control Measures
- Regularly Monitor and Test Networks
- Maintain an Information Security Policy
How can Pioneer Solutions help me with PCI?
We consider the protection and integrity of payment information to be of the highest importance and take the security around this data very seriously. Retail Pro has taken broad measures to ensure both the retailer's and the consumer's payment data are protected in accordance with the PCI standards outlined within the PA-DSS.
Our Retail Pro applications are routinely monitored and validated by Payment Application-Qualified Security Assessors (PA-QSAs), as approved by the PCI-SSC, to ensure all payment functionality adheres to the PCI Council's strict standards. Through the use of Retail Pro, the consumer can rest assured that all appropriate steps and precautions are taken to protect the transmission and storage of their credit card information.
We also partner with PCI-compliant payment partners such as YESpay & Global Blue.
For more information about the PCI Data Security Standard and Payment Application – Data Security Standard, visit www.pcisecuritystandards.org.