PCI DSS is the payment card industry security requirement for entities that process, transmit and/or store cardholder data, and has been endorsed by all the major card brands: Visa Inc., MasterCard Worldwide, Discover Network, American Express and JCB. The PCI DSS is a framework for the secure handling of cardholder data. Under the PCI DSS, payment service provider compliance requirements are segmented into three levels based on the number of transactions processed and/or transmitted annually.
To obtain PCI DSS compliance validation, Capita Software Services had to meet the stringent security requirements of the credit card brands, submitting to a rigorous review of its information security policies, procedures and IT environment. Trustwave performed the following:
· Gap Analysis: Determines the effectiveness of current security controls.
· Compliance Validation: Remote and on-site data security and compliance management solutions to complete the PCI validation process, address any discovered vulnerabilities and achieve and maintain PCI compliance.
· Remediation Recommendations: A Compliance Report that includes data gathered from the Self-assessment Questionnaire and vulnerability scan, and outlines actions required to address any vulnerability.
· On-Site Audit: Required by PCI DSS regulations, a yearly on-site assessment of the IT environment.
· Report on Compliance: To benchmark Capita with the PCI DSS.
Over 150 organizations (primarily public sector) take payments using Capita's AXIS managed services products (which include Internet Payments, Touch Tone and Payment Portal). With the heightened focus on card security and security of citizen data in general, these organizations and the 400,000 citizens who regularly use these products to make payments around the clock will be assured that their payments are being processed in line with the stringent controls around security that the standard dictates. Capita's compliance achieves yet another first in card security among the major suppliers to the Local Authority marketplace.
"We are delighted to have attained PCI DSS compliance. We have continued to invest heavily in infrastructure, processes and our dedicated in-house Managed Services team, who have put in a great deal of effort in order to reach this stage," says David Lockie, associate director of Capita Public Sector Software. "Our customers and their customers in turn can be assured that we remain committed to ensuring that the AXIS products and services lead the way in card security measures and data security in general."
"With PCI DSS compliance validation Capita Software Services has satisfied the industry's most rigorous criteria to protect credit card information, putting their AXIS portfolio at the forefront of card security," says Robert J. McCullen, chairman and CEO of Trustwave.