Compliance

Meeting the Payment Card Industry's Data Security Standards (PCI DSS).

Compliance

Meeting the Payment Card Industry's Data Security Standards (PCI DSS).

For almost fifteen years, Volusion has maintained compliance with the Payment Card Industry’s Data Security Standard (PCI DSS). This standard started through extensive cooperation by the card brands (Visa, MasterCard, etc.) to ensure that businesses who process card data do so securely. Version 1.0 of the standard was released in 2004 and Volusion led the way to quickly integrate its requirements into business practices. In early 2006, Volusion completed its first audit and has remained compliant ever since. Categorized as a Level 1 Service Provider, Voluison is held to the strictest level of compliance to the PCI DSS.

PCI DSS

The PCI DSS is broken into six high level goals to be accomplished by meeting twelve requirements (see below). Each requirement is further broken down into numerous sub-requirements (over 200 in all).

GOALSPCI DSS REQUIREMENTS
Build and Maintain a Secure Network1. Install and mantain a firewall configuration to protect cardholder Data
2. Do not use vendor-supplied defaults system passwords and other security parameters
Protect Cardholder Data3. Protect store cardholder data
4. Encrypt transmission of cardholder data across open, public networks
Mantain a Vulnerability Management Program5. Use and regularly update anti-virus software or programs
6. Develop and mantain secure systems and applications
Implement Strong Access Control Measures7. Restrict access to cardholder data by bussiness need-to-know
8. Assign a unique ID to each person with computer access
9. Restrict physical access to cardholder data
Regularly Monitor and Test Networks10. Track and monitor all access to network resources and cardholder data
11. Regularly test security systems and processes
Mantain an Information Security Policy12. Maintain a policy that addresses information security for employees and contractors

For those merchants requiring a copy of Volusion’s Attestation of Compliance (AOC), please click here.

  • © 2020 Volusion, LLC.
    1835 Kramer Ln A100 Austin TX 78758 United States
  • Volusion is a registered ISO of Wells Fargo Bank, N.A., Concord, CA