PCI DSS

The Payment Card Industry Data Security Standards (PCI DSS) is a proprietary information security standard designed to ensure that companies processing, storing or transmitting payment card information maintain a secure environment. The PCI DSS applies to credit cards from the major card brands, including Visa, MasterCard, American Express, Discover and JCB. A third-party PCI Qualified Security Assessor (QSA) assesses company systems and processes on an annual basis and issues an Attestation of Compliance (AOC). Additional information can be found at https://www.pcisecuritystandards.org.
Digital River complies to the highest standard as a Level 1 Service Provider and Merchant. We undergo exhaustive annual audits and monthly scans by qualified assessors. To ensure compliance requirements and protect your customers, Digital River:
- Builds and maintains a secure network and systems
- Tokenizes and protects cardholder data
- Maintains a vulnerability management program
- Implements strong access control measures
- Regularly monitors and tests networks
- Maintains an information security policy
Our recommendation to ensure PCI compliance easily and effectively is to leverage our JavaScript library, DigitalRiver.js, to secure your customers’ data in a compliant manner while maintaining control over the shopping experience. Most of our clients can then easily complete a PCI Self-Assessment Questionnaire (SAQ) maintained by the PCI Security Standards Council.
Applicable documents
Document |
---|
PCI DSS Service Provider AOC report
|
PCI DSS Merchant AOC Report
|