PCI/DSS stands for Payment Card Industry Data Security Standard. The security of your customers' data has the highest priority at MIDOCO. MIDOCO regularly undergoes PCI/DSS (Level 1) certification to ensure this security, especially with regards to your customers' credit card data. The Payment Card Industry Security Standards Council (PCI SSC) designed four certification levels. The number of transactions processed or an individual assessment of a credit card organization define the certification level. MIDOCO processes over six million transactions and falls within the scope of the PCI/DSS (Level 1) standard. With the PCI/DSS (Level 1) standard, MIDOCO implemented the highest possible level of protection for your customers' credit card data in MIDOCO mid-office.
MIDOCO processes credit card data. The PCI/DSS standard is mandatory for companies that store, process or transmit credit card data. As part of the certification process, MIDOCO regularly undergoes an independent audit that examines various areas of the company's business activities. The auditors conduct interviews with responsible personnel, review documentation, examine partner relationships and check hardware, software, databases, network architecture and the implementation of recurring security processes. Also, MIDOCO is subject to regular penetration tests. These tests detect weak points in good time and prevent attacks. The result of the investigation is a ROC (Report On Compliance) that records the status of MIDOCO regarding the PCI/DSS requirements catalogue. The auditors create and compile notes, documents, screenshots, test documentation and references during the audit. The PCI/DSS (Level 1) certification includes quarterly vulnerability scans and an annual on-site audit.The independent audit covers the following areas:
In the past, many cases of credit card fraud have severely damaged the reputation of this payment method and led to high costs. The PCI SSC was launched in 2006 by the credit card companies Visa, Mastercard, American Express, Discover Financial Services and JCB International with the task of further developing the security standards for handling credit card data. Finally, the PCI/DSS standard emerged from the security regulations of Visa and Mastercard and is binding for all credit card providers.