strDescription
HOMEPRODUCT & SERVICES ABOUT NCMSCASE STUDIES CONTACT US


Support Chat
Services
ACH Processing
High Risk Check Processing
Credit Card Processing
Check 21
Check Verification
ACH Collection Services
ID Verification - Authentication
Web Payments
Business Cash Advance
Check Recovery
Consolidated Returns
Products
Virtual Terminal
Payment Gateway
Batch Processing Systems
SoftTerminal
Credit Card Terminals
Mobile Credit Card Terminals
Payment Processing Software
Promotions
Check 21
ACH
BBOnLine Reliability

National Cash Management Systems

CISP and PCI Security Standards

All products offered through National Cash Management Systems (NCMS) comply with both Cardholder Information Security Program (CISP) and Payment Card Industry (PCI) security standards, affording merchants the highest level of data and payment security available.

CISP compliance is required of all merchants and service providers who store, process, or transmit Visa cardholder data. The program applies to all payment channels, including retail (brick-and-mortar), mail/telephone order, and e-commerce. To achieve compliance with CISP, merchants and service providers must adhere to the Payment Card Industry (PCI) Data Security Standard, which offers a single approach to safeguarding sensitive data for all card brands.

PCI consists of 12 technology requirements regarding security:

PCI Data Security Standard

Build and Maintain a Secure Network
  1. Install and maintain a firewall configuration to protect data
  2. Do not use vendor-supplied defaults for system passwords and other security parameters

Protect Cardholder Data
  1. Protect stored data
  2. Encrypt transmission of cardholder data and sensitive information across public networks

Maintain a Vulnerability Management Program
  1. Use and regularly update anti-virus software
  2. Develop and maintain secure systems and applications

Implement Strong Access Control Measures
  1. Restrict access to data by business need-to-know
  2. Assign a unique ID to each person with computer access
  3. Restrict physical access to cardholder data

Regularly Monitor and Test Networks
  1. Track and monitor all access to network resources and cardholder data
  2. Regularly test security systems and processes

Maintain an Information Security Policy
  1. Maintain a policy that addresses information security

This standard resulted from collaboration between Visa and MasterCard to create common industry security requirements, incorporating the CISP requirements. Other card companies operating in the U.S. have also endorsed the PCI Data Security Standard within their respective programs.

Using the PCI Data Security Standard as its framework, CISP provides the tools and measurements needed to protect against cardholder data exposure and compromise across the entire payment industry.

 
Copyright ©1997 - by National Cash Management Systems (NCMS)  All rights reserved.   Privacy Statement
Lewis Holdings, Inc. is a registered ISO/MSP for HSBC Bank USA, National Association, Buffalo, NY. Powered by Imaginuity