The Payment Card Industry Data Security Standard (PCI DSS) is a global security standard for card data. The main purpose of PCI DSS is to provide effective protection against theft and misuse.
RaiseNow has been officially listed on the Visa Europe Merchant Agent List since March 2017. You can download the list here.
This list indicates that we have successfully completed a Merchant Agent Registration Form (MARF) and have validated compliance with the Payment Card Industry Data Security Standard (PCI DSS).
Six will ask you yearly to update your PCI DSS license.
RaiseNow will conduct yearly licensing of PCI DSS for customers of the RaiseNow E-Payment solution for free.
As a customer of the RaiseNow E-Payment solution, you already satisfy most of the PCI DSS requirements.
Feel free to send us the letter from Six concerning the request to license your PCI DSS. If you have already conducted a license in the past, forward us your login details. We will provide a technical contact and refresh your certification yearly.
Send us your details to firstname.lastname@example.org.
These are the 12 binding requirements of PCI DSS:
I. Setup and maintenance of secure networks and systems
1. Installation and maintenance of a firewall configuration to protect cardholder data
2. Agreement not to use any standard settings for system passwords and other security parameters supplied by the provider
II. Protection of cardholder data
3. Protection of saved cardholder data
4. Encryption during transmission of cardholder data via open, public networks
III. Maintenance of a vulnerability management program
5. Protection of all systems against malware and regular updates of antivirus software and programs
6. Development and maintenance of secure systems and applications
IV. Implementation of strict access control measures
7. Restriction of access to cardholder data based on business information requirements
8. Identification and authentication of access to system components
9. Restriction of physical access to cardholder data
V. Regular monitoring and regular testing of networks
10. Tracking and monitoring of overall access to network resources and cardholder data
11. Regular testing of security systems and processes
VI. Compliance with an information security guideline
12. Application of an information security guideline for the entire workforce