A firewall configuration must be installed and maintained.
System passwords must be original (not vendor-supplied).
Stored cardholder data must be protected.
Transmissions of cardholder data across public networks must be encrypted
Anti-virus software must be used and regularly updated.
Secure systems and applications must be developed and maintained.
Cardholder data access must be restricted to a business need-to-know basis.
Every person with computer access must be assigned a unique ID.
Physical access to cardholder data must be restricted.
Access to cardholder data and network resources must be tracked and monitored.
Security systems and processes must be regularly tested.
A policy dealing with information security must be maintained.
PCI DSS compliance is the Payment Card Industry Data Security Standard, which rates a company using 4 stages that correspond to the level of compliance. PCI DSS is an independent body established by several major credit card brands in an effort to ensure businesses maintain a secure environment when processing, storing and transmitting their customer’s credit card data.
Solid is compliant with PCI DSS Level 1 and is certified as a Service Provider. We are audited on the annual basis by the Qualified Security Assessor. We are re-confirming our status with PCI DSS to ensure the reduction in security risks and breaches, lowering the risk of cardholder data threats, ensuring the highest standards in safe software development and other benefits.
We understand that in order to build a loyal and returning customer base, you need to have a sensitive and robust data handling protocol in place. That is why Solid enables automatic encryption software for whenever confidential information is shared between our merchants and servers.
We do this because when live payment details are in a readable format (such as plain text), they become an easy target for potential cyberthieves. These fraudsters are aware of this issue and search for ways to intercept and copy the data. For example, one technique is to intercept card data that is being transmitted from a card reader to a POS server.