PCI DSS is the payment card industry security requirement for entities that process, transmit and/or store cardholder data, and has been endorsed by all the major card brands â Visa Inc., MasterCard Worldwide, Discover Network, American Express and JCB. Under the PCI DSS, payment service provider compliance requirements are segmented into three levels based on the number of transactions processed and/or transmitted annually.
To validate compliance with the PCI DSS, Ctopay had to demonstrate compliance with 12 stringent security requirements by thoroughly reviewing its IT environment and information security policies and procedures. To maintain their compliance, Ctopay has enrolled in Trustwaveâs on-demand compliance management solution, TrustKeeperÂ® to have the necessary tools to support on-going compliance such as quarterly network vulnerability scans.
âAs a payment service provider, we need to maintain a secure environment not only for our business, but also to ensure the security of our merchants who use our services globally to process e-payments,â says Wiky Ding, chief technology officer at Ctopay. âSecurity of cardholder data is a priority for our organization and Trustwave has helped us achieve the highest compliance standard.â
âCtopay is taking a leadership role by securing their environment to protect every transaction they process,â says Robert J. McCullen, chairman and CEO of Trustwave. âTrustwaveâs full suite of compliance solutions has increased Ctopayâs network security capabilities, creating a more secure environment for themselves and their customers.â
âBy working with Trustwave, Ctopay is taking the necessary steps to secure payment practices as an integral part of their business,â says Sophia Chen, director of Northern Asia Pacific for Trustwave.