Daxko is committed to keeping you safe by protecting your sensitive member and financial data.
Daxko has been certified by Brightline as PCI-DSS compliant—the highest level of compliance available. Daxko Operations’ hosting facility, Datapipe, is also fully PCI-DSS compliant.
What is PCI Compliance?
The Payment Card Industry Data Security Standard (PCI-DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment. Failure to meet compliance standards can result in fines from credit card companies and banks and even the loss of the ability to process credit cards.
The PCI Data Security Requirements spell out what security measures must be taken to protect private information during any transaction occurring with the use of a credit card. They also require specific auditing procedures. The Payment Card Industry Data Security Standard (PCI-DSS) is used by all card brands to assure the security of the data gathered from anyone making a credit card payment at your association.
Find out more about PCI Compliance at the PCI Security Standards Council Website.
Any organization that processes credit cards must be compliant. If your software provider is not PCI compliant, your association and your members could be at risk. Your association could incur fines ranging from $5,000 to $100,000 per month for PCI compliance violations.
My software provider says they are PA DSS Compliant. Is this the same as being PCI-DSS Compliant?
No. PA DSS (Payment Application Data Security Standard) requires only that the application itself be compliant. In contrast, PCI-DSS requires higher standards including compliance of the software application, hosting facility compliance, and physical security standards of the hosting facility.
What are the risks of using a non-PCI compliant software provider?
The payment brands may, at their discretion, fine an acquiring bank $5,000 to $100,000 per month for PCI compliance violations. The banks will most likely pass this fine downstream until it eventually hits the merchant. Furthermore, the bank will also most likely either terminate your relationship or increase transaction fees. Penalties are not openly discussed nor widely publicized, but they can be catastrophic to a small business.
By not using a PCI-compliant software provider your association could be at risk of:
• Credit card information data breaches
• Large fines
• Credit monitoring costs for victims
• Public relations damage control
• Class action litigation
• Loss of the trust of your community