PCI-DSS Compliance


Is Your Data Secure?

Daxko Has Obtained Highest Level of Data Security Compliance.

Daxko is committed to keeping you safe by protecting your sensitive member and financial data. If your software provider is not PCI compliant, your association and your members could be at risk.

Your association could incur fines ranging from $5,000 to $100,000 per month for PCI compliance violations.

Any organization that processes credit cards must be compliant.

Daxko is included on the Global List of PCI-DSS Validated Service Providers.

Brightline has assessed Daxko Operations and found it fully meets the requirements for PCI-DSS compliance. Daxko has been certified by Brightline as PCI-DSS compliant—the highest level of compliance available. Daxko Operations’ hosting facility, Rackspace, is also fully PCI-DSS compliant.

How can I find out if my software provider is PCI Compliant?
Ask your software provider if they are certified PCI-DSS compliant. If they are not, then you could be at risk. Click here to find out if your vendor is certified PCI-DSS compliant. Daxko is among the list of certified PCI-DSS compliant vendors.

My software provider says they are PA DSS Compliant. Is this the same as being PCI-DSS Compliant?
No. PA DSS (Payment Application Data Security Standard) requires only that the application itself be compliant. In contrast, PCI-DSS requires higher standards, including compliance of the software application, compliance of the hosting facility, and physical security standards of the hosting facility.

What are the risks of using a non-PCI compliant software provider?
The payment brands may, at their discretion, fine an acquiring bank $5,000 to $100,000 per month for PCI compliance violations. The banks will most likely pass this fine downstream until it eventually hits the merchant. Furthermore, the bank will also most likely either terminate your relationship or increase transaction fees. Penalties are not openly discussed nor widely publicized, but they can be catastrophic to a small business.

It is important to be familiar with your merchant account agreement, which should outline your exposure.

By not using a PCI-compliant software provider, your association could be at risk of:
• Credit card information data breaches
• Large fines
• Credit monitoring costs for victims
• Public relations damage control
• Class action litigation
• Loss of the trust of your community

What is PCI Compliance?
The Payment Card Industry Data Security Standard (PCI-DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment. Failure to meet compliance standards can result in fines from credit card companies and banks and even the loss of the ability to process credit cards.

The PCI Data Security Requirements spell out what security measures must be taken to protect private information during any transaction occurring with the use of a credit card. They also require specific auditing procedures. The Payment Card Industry Data Security Standard (PCI-DSS) is used by all card brands to assure the security of the data gathered from anyone making a credit card payment at your association.

Find out more about PCI Compliance
PCI Security Standards Council Website
Payment Card Industry Security Standards Overview
Getting Started with PCI Data Security Standard
Ten Common Myths of PCI-DSS
PCI Data Security Standards Video