PCI DSS Compliance Introduction
Payment Card Industry (PCI) Data Security Standard (DSS) compliance is designed to protect businesses and their customers from credit card theft and fraud.
All payment card brands (Visa, MasterCard, American Express, Discover, JCB, and Diners Club) endorse and require PCI DSS compliance for merchants and service providers.
All businesses or service providers that store, process, or transmit payment card data are required to comply with the data standard—regardless of business size or the amount of annual payment card transactions.
PCI stands for “Payment Card Industry” and incorporates best practices for handling, transmitting and storing sensitive data. CISP and PCI compliance is a lengthy and rigorous process that involves detailed examination and audits by certified third parties of a web hosting company’s servers, processes and security procedures.
Outdoors-Online.uk.com is fully PCI compliant to the highest level of PCI Compliance.
Today, non-compliance can put a business out of business. Organisations have constant demands put on them to ensure compliance with legislation, local requirements and contractual commitments. Outdoors-Online.uk.com offers this level of protection due to the process used to complete a transaction. Instead of accepting the card details on our web site, Outdoors-Online redirects the cardholder to a Secure Hosted Payments Page (Sagepay) to enter their card details. This process will safely pass back the authorisation information to secure the order, excluding the card number, so our Sales staff never see your card number.
Here at Outdoors-Online we take your Credit Card Security very seriously and have invested in these processes to assure you that your personal details never pass to a third party. We will ensure your Data Privacy.
We ensure that we are PCI Compliant by the following:
• Build and maintain a secure network to protect payment card information
• Maintain a vulnerability management program
• Implement strong access control measures
• Regularly monitor and test networks
• Pass quarterly remote vulnerability scans
• Maintain the highest level of “housekeeping” of any data given verbally.