PCI DSS

The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard designed to ensure that companies processing, storing or transmitting payment card information maintain a secure environment. The PCI DSS applies to credit cards from the major card brands, including Visa, MasterCard, American Express, Discover and JCB. A third-party PCI Qualified Security Assessor (QSA) assesses company systems and processes on an annual basis and issues an Attestation of Compliance (AOC). Additional information can be found at https://www.pcisecuritystandards.org.
Digital River complies with the highest standard as a Level 1 Service Provider and Merchant. We undergo exhaustive annual audits and monthly scans by qualified assessors. To meet compliance requirements and protect your customers, Digital River:
- Builds and maintains a secure network and systems
- Tokenizes and protects cardholder data
- Maintains a vulnerability management program
- Implements strong access control measures
- Regularly monitors and tests networks
- Maintains an information security policy
Our recommendation to ensure PCI compliance easily and effectively is to leverage our JavaScript library, DigitalRiver.js, to secure your customers’ data in a compliant manner while maintaining control over the shopping experience. Most of our clients can then easily complete a PCI Self-Assessment Questionnaire (SAQ) maintained by the PCI Security Standards Council.
Applicable documents
Document | Last Updated |
---|---|
PCI DSS V3.2.1 - AOC-DR 2020 Merchant | 07/01/2020 |
PCI DSS V3.2.1 - AOC-DR 2020 Service Provider | 07/01/2020 |