PayJunction provides business owners with helpful features like cards on file and electronic signature capture. These features go above and beyond the old-school technology many businesses still use, but they naturally lead business owners to ask, “How is this secure?” They may also ask themselves, “What is PCI compliance?”
We don’t outsource our security measures. Instead, we store all cardholder data internally. PayJunction is secure to the highest industry standard: Level 1 PCI DSS. Compliance requires annual audits and tireless work to maintain our systems. That said, just because you use PayJunction does not mean you’re completely secure. As a PayJunction customer, it’s your responsibility to do all you can to ensure your network and computer aren’t compromised. Don’t worry, we have a stellar support team that can assist you if you’re unsure of your internal security.
To put your concerns to rest, let’s review how PayJunction maintains a secure environment and what you can do to protect your business.
PCI DSS Verification and Protocol
It’s easy to check whether a provider is PCI compliant. You can simply visit the Visa Global Registry of Service Providers page, type the provider’s name and see whether it’s PCI compliant and when its annual validation expires.
To earn a spot on this list, PayJunction undergoes annual audits. An independent auditor verified by the card brands (Visa, Discover, Amex and MasterCard) visits all our facilities and tests our systems to identify weaknesses and vulnerabilities. As an added measure, we enlist the help of another third-party security firm to run its own penetration tests.
Although all cardholder information is encrypted, we implement numerous safety measures — ranging from security cameras to badged entry and exit from our facilities — to ensure our data is protected. Basically, our facilities are locked up like a fortress. We undergo annual audits to stay up to date with the newest standards and technologies available.
What You Can Do to Remain Secure
As stated before, our security does not ensure yours. This is true for all providers. When it comes to merchant credit card processing, there are a few simple things you should be doing to protect cardholder data:
- Implement anti-virus protection
- Operate a secure Wi-Fi network
- Update your programs and operating system to the most current version
- Eliminate physical storage of credit card data
- Eliminate processes that transmit card data via methods that are not secure (e.g., email)
- Use strong passwords
Other providers charge a PCI fee and require businesses to complete a questionnaire to confirm they’re doing all they can to be secure. We don’t charge this fee, and the questionnaire is available for free to everyone. The questionnaire recommends simple, practical security measures to ensure you stay safe from hackers and viruses that can steal personal data, including card information. In addition, if you notice suspicious activity on your account, our support team can help diagnose the problem and put your account on hold if we identify a security risk.
Together, we can ensure the security of all cardholder data and peace of mind for you and your customers.
Still eager to learn more about what PCI compliance is? Read our support article for a more technical overview and comment below with questions!