Meeting the Payment Card Industry's Data Security Standards (PCI DSS).
For almost fifteen years, Volusion has maintained compliance with the Payment Card Industry’s Data Security Standard (PCI DSS). This standard started through extensive cooperation by the card brands (Visa, MasterCard, etc.) to ensure that businesses who process card data do so securely. Version 1.0 of the standard was released in 2004 and Volusion led the way to quickly integrate its requirements into business practices. In early 2006, Volusion completed its first audit and has remained compliant ever since. Categorized as a Level 1 Service Provider, Voluison is held to the strictest level of compliance to the PCI DSS.
The PCI DSS is broken into six high level goals to be accomplished by meeting twelve requirements (see below). Each requirement is further broken down into numerous sub-requirements (over 200 in all).
|GOALS||PCI DSS REQUIREMENTS|
|Build and Maintain a Secure Network|
|Protect Cardholder Data|
|Mantain aVulnerability Management Program|
|Implement Strong Access Control Measures|
|Regularly Monitor and Test Networks|
|Mantain an Information Security Policy|
For merchants requesting additional log data, please email firstname.lastname@example.org.
For those merchants requiring a copy of Volusion’s Attestation of Compliance (AOC), please click here.