Realex Payments has achieved the Payment Card Industry Data Security Standard Version 3.0 (PCI-DSS v3.0) well in advance of mandatory implementation in 2015.
PCI -DSS Version 3.0 was released by the Payment Card Industry Security Standards Council to make payment security a central and ongoing feature of day-to-day organisational activities and behaviours.
As a provider of payment processing services handling more than 175 million transactions per annum for thousands of companies trading online, security is critical to our business. The protection of sensitive customer information at all times is so paramount that it forms one of our five organisational values which guide and inform everything we do.
We, therefore, took the step to implement PCI-DSS v3.0 compliance at the earliest possible opportunity to ensure our security infrastructure remains at the very forefront of industry standards.
Far beyond a mere box-ticking exercise, Version 3.0 introduces more flexibility, an increased focus on regular staff training and education about security best practices and a greater organisational awareness of security as a shared responsibility.
The guidelines as set out in the new standard are designed to make compliance a daily, continuous process rather than a snapshot report of a company’s compliance with the standard at a particular point in time.
Compliance with PCI-DSS v3.0 is, therefore, not a set-it-and-forget-it mentality. Rather, it places a requirement on certified companies to manage more than 300 security controls on a daily, weekly and monthly basis.
To achieve this level of compliance, Realex Payments was required to furnish over 870 documents and evidence across numerous areas of our business to prove compliance with the more than 300 security controls.
If you would like to find out more about our security infrastructure, please visit our Service and Reliability page.
Alternatively, take a look at our system infrastructure and capacity presented by Realex Payments Head of IT Operations, Fergus Roche.