Payment Card Industry (PCI) – Data Security Standards (DSS)
The Payment Card Industry (PCI) has a set of standards called the Data Security Standards (DSS). It is a mandatory compliance standard for all payment service providers, and we are certified every year to ensure our standards remain world-class.
PCI requires the highest levels of security in all areas where cardholder data is transmitted and stored. As such, we have created a multi-layered, secure payment gateway, mirrored and housed within a world-class facility at Link Bermuda.
Data is encrypted as per our PCI requirements, and intrusion detection, responses, and systems monitoring, go hand-in-hand with formalized security policies.
Critical servers are monitored round-the-clock via a sequence of advanced and automated alerts. We have support staff on call 24/7/365 to receive these alerts and respond within a 15-30 minute time period.
First Atlantic Commerce Payment Gateway
Our suite of products is designed to transmit all transaction data safely and securely over the Internet. All data exchanged between the “client” solutions on the merchant server, and our servers, is encrypted.
In addition to TLS 1.2 security, a hash signature is required with each transaction. The SHA256 hash is a security feature that enables FAC to authenticate that a transaction is from the merchant concerned, and to verify the integrity of the data received in a transaction request.