Security is a crucial component in credit card processing. It applies to all entities involved in payment processing—which includes merchants, processors, acquirers, issuers and service providers. All are responsible for maintaining high security standards for cardholder data. Maintaining PCI Compliance is also important because:
- It’s vital to long-term success of merchants that process Credit Cards.
- Merchants that are not PCI Compliant could lose credibility if there is a breach or theft of cardholder data, which is hard for an organization to come back from.
- Merchants could lose the ability to accept payment cards
At PDCflow, we are constantly finding ways to stay ahead of the curve and maintain our PCI Compliance giving our clients piece of mind while taking payments. Here are just a few ways we accomplish this:
- Cardholder data is tokenized, encrypted and kept on our servers, so it’s never stored on your system.
- Our security auditors perform monthly scans of our systems for any vulnerabilities.
- Maintain the firewalls (including web application firewalls)
- Undergo an annual On-Site Audit
- Only the lowest level of compliance is required from our clients because we perform all of the above.
Our Preferred Vendor, Newtek is partnered with Trustwave to ensure that their merchants meet PCI DSS version 3.0 as regulated by Visa/Mastercard. Trustwave is one of the world’s leading suppliers of data security services, compliance and threat intelligence solutions and is an authorized PCI Forensic Investigator.
Newtek charges it’s merchants a $60 annual fee which includes the self-assessment questionnaire, sample security policies (required), security awareness training (required), website scanning, if required, and various other tools. This is something that can be acquired on your own, but these services typically cost much more than $60. This fee is broken down to a $5.00 per month charge that clients will see on their monthly statement.
We keep an updated copy of our most recent PCI Level 1 Compliance Certificate on our Help Center. For additional information about PCI Compliance, please see the attached document.