Your payment details is safe with us – we are PCI DSS certified!

In the past, in addition to the massive reputational damage, the countless cases of credit card abuse have resulted in high costs for many dealers.

Especially in the travel industry, the credit card is one of the most commonly used means of payment. This often draws criminals onto the scene, prompting them to obtain sensitive customer data. As of October 2013, we are a PCI DSS certified company subjected to the highest safety standards, thus ensuring the protection of your customers against misuse.

We want to offer our customers the highest possible protection in payment services; therefore we have decided to use this complex and expensive safety precaution. This is how we respond to your requests, as well as to the needs of the market.

 

PCI-06.16

What does PCI DSS stand for?

The “Payment Card Industry Data Security Standards” – abbreviated as PCI DSS – are the global safety standards for the cashless payment transactions of the leading international credit card organizations. This IT security standard defines the mandatory technical and operational requirements for the storage, processing and transmission of cardholder data. This also includes the regular verification of the security systems and processes of the certified companies.

Here you can find further information about the PCI Security Standards Council:

http://de.pcisecuritystandards.org/minisite/en/

Our path to certification

Our certification process has lasted for one and a half years. From the police records of employees to the firewall, we have met all twelve requirement points. The most complex task was the reconstruction of the entire IT architecture: During operation, more than 500 servers have been adjusted and modified according to the safety precautions.

The PCI DSS requirements

  • Setup and maintenance of the firewall configuration for the purpose of data protection
  • No use of system passwords or other security parameters delivered and preset by the dealer
  • Protection of stored data
  • Encrypted transmission of cardholder data and sensitive information via public networks
  • Use and regular updating of anti-virus software
  • Development and maintenance of secure systems and applications
  • Restriction of data access on the basis of the need-to-know principle
  • Assignment of unique identifiers for all persons with computer access
  • Restriction of physical access to cardholder data
  • Tracking and monitoring of all access operations to network resources and cardholder data
  • Regular verification of security systems and processes
  • Adherence to the information security policy

 

 

Your advantages – increased security for your company and your customers

  • Increased data security and protection for your customers
  • Greater customer trust, thus potential for more credit card transactions and higher revenues
  • Greater protection against financial losses and compensation claims caused by security breaches
  • Protection of the company’s image by prevention of card data misuse
  • Evaluation of system safety for the storage, processing and/or transmission of cardholder data
  • Reduction of the company’s risk via data minimization and prevention

 

Our technology and your awareness can prevent credit card fraud and payment default

When you receive the card of a customer, there are many possibilities to check it for authenticity and to determine whether it actually belongs to your customer.

  • Check whether the card is genuine: The card number, expiry date and the name are, for example, embossed in the case of MasterCard and VISA and are not embossed in the case of VISA Electron. In addition, the first four digits of the embossed card number must always match the number printed below it.
  • Only accept cards that are already valid and are not expired.
  • Check whether the card number indicated on the receipt matches the card number on the front and back of the card. Please note that, due to security reasons, the card number on the signature strip or on the electronic terminal sales strip is printed partially shortened.
  • Ask the cardholder to sign the receipt/transaction slip on the front side. He/she acknowledges the receipt with his/her signature. Compare the signature on the receipt/transaction slip with the one on the card. MasterCard, VISA and VISA Electron cards are not transferrable to third parties.
  • In the case of cards with photos, compare the photo to the cardholder.
  • If suspicion arises, request an official photo ID from the cardholder. If the data are not identical or if there is doubt regarding the entitlement of the cardholder to use the card data, call the authorization service.
  • Only now should you give back the cardholder his/her card and the copy of the receipt/transaction slip.

 

Innovations for traffics customers

You can define your own security policies within the PCI DSS specifications.

Download

This may also interest you:

http://www.tagesschau.de/wirtschaft/traveltainment100.html

http://www.zeit.de/digital/datenschutz/2013-04/traveltainment-opodo-kreditkarten-datenverlust

http://eblog.fvw.de/index.cfm/2013/10/23/Verdaechtiger-Datendurst-der-USGeheimdienste

 

 

We look forward to welcoming you!

For further information, please do not hesitate to contact our Service Team:

Phone: 030 59002820 or E-mail: support@traffics.de