Security is of the utmost priority while surfing the internet. Whether it concerns the security of your online business or the satisfaction of your end-customers, it is of major importance to Novalnet. However, the word security means much more to us than just a secure data center or server. For this reason, Novalnet has ensured that its business processes are compliant with the standards of the PCI DSS* Organization (Payment Card Industry Data Security Standard). We are proud to inform you that we have successfully passed this test, thereby becoming a PCI certified company.
See Novalnet’s PCI DSS Level 1 Certificate
An overview of the security requirements of the PCI DSS rules and regulations:
- Installation, set-up and regular updating of a firewall to protect data
- No use of predetermined system passwords or other security parameters provided by suppliers/producers
- Protection of stored data: no unnecessary storage of transaction and credit card details, for example card number, CVV2, etc.
- Cardholder data is transmitted only in encrypted form over the public network
- Usage and regular update of anti-virus programs
- Develop and maintain secure systems and applications
- Restriction of data access
- Assignment of unique user details, including a password, to all persons with access to a computer system
- Limiting the use of sensitive cardholder data by restrictive access permissions
- Continuous review and monitoring of access made to cardholder data and network resources
- Ongoing monitoring of security systems and processes
- Company policies on information security
After all, it is about your money and your end-customer’s money! This particular certification was introduced in the credit card industry in order to ensure that payment processes are compliant with all possible security standards. Novalnet has successfully passed this detailed and periodic examination by an external service provider. It can therefore be confirmed in writing that we meet the strict criteria of the PCI DSS organization!
What is your advantage as a merchant? First and foremost: in most circumstances, you do not need to be PCI compliant yourself, as we have already attained this as your service provider! This way you save yourself the trouble while still ensuring that your online business is totally safe and secure, for you and, most importantly, for your end-customers.
*PCI DSS (definition from Wikipedia): The Payment Card Industry Data Security Standard, commonly abbreviated as PCI, is a set of rules, regulations or standards for payments, which refers to the processing of credit card transactions and is supported by all major credit card companies.
Store retailers and service providers who save, transmit and process credit card transactions need to be compliant with these standards. If you are not PCI DSS compliant, this can lead to the imposition of fines, restrictions, or in the worst case a complete prohibition or ban on the processing of credit card payments.