PCI Compliance
As you know transaction security is a serious issue these days. There has been much said and much confusion has resulted. PCI (DSS) is a term that you will hear again and again. It stands for Payment Card Industry (Data Security Standards).
Visa’s CISP (Cardholder Information Security Program) and MasterCard’s SDP (Site Data Protection) programs are security initiatives that require clients to safeguard card data. Visa and MasterCard, along with the other card brands, have adopted these common industry security requirements again referred to as the Payment Card Industry Data Security Standards (PCI DSS).
Customers, businesses, and organizations using electronic forms of payment expect their cardholder data to be stored securely and privately. Paperless Transaction Corp., in partnership with the Card Brands, data security firms and national Issuing Banks, aims to help educate its clients on the basics of data security and the mandatory industry requirements around the protection of data throughout the payment transaction process.
Regarding the Hosted Donation/Payment Page, we have ensured that all of the sensitive credit card information is always encrypted upon entry for security purposes. Additionally, the credit card information (even for recurring transactions) is never stored. We have a secure Profile Management system so that recurring transactions are only tied to a Profile ID (and not the actual credit card information) to add another level of online security.
Basically, the primary point of emphasis of PCI Compliance is that the credit card transaction has been made secure from the entry point (p2p site) to the “back end” credit card processor (Paymentech via Orbital). You can rest easy; all your transactions are PCI compliant with Paperless Transactions Corporation—which means they are safe and secure.