Payment Card Industry (PCI) – Data Security Standards (DSS)
We take data and transactional security seriously and security is at the core of everything we do. The Payment Card Industry (PCI) has a set of standards called the Data Security Standards (DSS). It is a mandatory compliance standard for all payment service providers, and we are certified every year to ensure our standards remain world-class.
PCI requires the highest levels of security in all areas where cardholder data is transmitted and stored. As such, we have created a multi-layered, secure payment gateway, mirrored and housed within a world-class facility at Link Bermuda.
Data is encrypted as per our PCI requirements, and intrusion detection, responses, and systems monitoring, go hand-in-hand with formalized security policies.
Critical servers are monitored round-the-clock via a sequence of advanced, and automated, alerts. We have support staff on call 24/7/365 to receive these alerts and respond within a 15-30 minute time period.
The cGate® Secure suite of products is designed to transmit all transaction data safely and securely over the Internet. All data exchanged between the cGate®Secure “client” solutions on the merchant server, and our servers, is encrypted.
In addition to SSL security, a hash signature is required with each transaction. The SHA1 hash is a security feature that enables the merchant and FAC to identify that the transaction results are from an authorized server source, and to verify the integrity of the data received in a transaction request.
Account Information Security (AIS) — now part of PCI DSS
This is a certification by Visa and we were one of the first companies in the Latin American Caribbean Region (LACR) to have achieved this standard. In 2004, the AIS requirements were incorporated into the industry standard, PCI DSS. But Visa maintains the AIS program as the managing program for data security (based on PCI DSS) compliance enforcement and validation initiatives.
If you would like to see a copy of our PCI certificate, please view here. PCI-DSS-v3_2_1-AOC-FAC_2019_Final