Compliance is serious business.
The Payment Card Industry (PCI) Security Standards Council is an open global forum for the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection. The Council develops standards around the handling, storage and processing of credit card data.
The current standards prohibit the exchange and storage of payment information via fax, email or instant message unless those methods are secured with encryption, are restricted by need-to-know, and appropriate retention is applied. It is nearly impossible to meet these standards using traditional communication methods like email and fax.
Enter CeloPay. Our product was built from the ground-up with compliance and security in mind. We design our systems around PCI so you don’t have to.
We’ll talk you through it.
If compliance demands seem intimidating, we can help. Using CeloPay greatly simplifies the requirements around the collection, storage and retention of payment information. Give us a call or schedule a demonstration so we can happily help you check this off your list.
Our advanced compliance features put you back in control.
We’ve gone to great lengths to make advanced data security a simple, point-and-click process for you. Here are some of the ways we help you to address your own compliance needs:
PCI DSS Level 1 Data Centers
All of our global data centers are PCI DSS Level 1 certified. This means there are rigorous controls in place around the physical and electronic security of these facilities.
Two Factor Authentication
The combination of a password and a one-time code can be required in order to gain access to CeloPay. This prevents your data from being accessed even if an employee’s password is compromised.
Granular User Permissions
Give employees access to only the things they need. Our permissions module allows you to grant specific access by location and department as well as the ability to restrict viewing of payment information.
IP-based Access Restrictions
Based on your access policies, you may want to restrict access to CeloPay by IP address. This way, employees can only access CeloPay when they’re physically located at one of your sites.
Complete Audit Log
All activity within CeloPay is logged and made available to you for review and audit. You can easily trace all activity around a particular request, user or other parameters you want to search for.
Card Data Tokenization
All card numbers are tokenized which means the actual credit card number is never stored in our databases. The data we store is not useful to an attacker and cannot be used if stolen.
Enhanced Password Policies
You are in complete control of password and security policies. Parameters like password age, attempts before lockout and password retention can all be specified by your system administrator.
For security and compliance reasons, any account that has not been used in the past 90 days should be disabled. This task is normally cumbersome but can be done routinely and automatically with CeloPay.
Card Data Retention Policies
You can purge card data at anytime while still retaining all of the supporting information. We also have a customizable, time-based auto purge routine that helps to keep you compliant.
We maintain a rapid development and deployment cycle. This allows us to continually address any new vulnerabilities, bugs and security threats. And, of course, updates are always free and automatic.
Data security is our top priority.
CeloPay is here to help.
Making things easier for you and your clients is the whole reason we exist. Our product helps you to maintain strict control over security and compliance while, at the same time, delivering an unparalleled experience that is simple and flexible. Let us tell you more about our product.