Lethoff is CISP/PCI Compliant!
How Do We Protect the
Data and Meet or Exceed Industry Standards?
All retailers will and should be concerned with data
security and integrity. Data security is a set of
attitudes and actions that must be learned and observed
by every person in the customer data chain of custody.
Lethoff Gateway systems and programs are designed and
maintained to provide complete protection of cardholder
data and keep the retail chain customer in continuous
compliance with evolving CISP/PCI standards.
In a Lethoff Gateway
environment, the location where the customer data is
stored varies depending on which configuration each
chain chooses. Is the customer on the ASP or
retailer-operated model for their central
payment-switching center? Does the store POS use one of
the tightly integrated (user exits) or store
portal (message exchange) methods for data exchange?
In general, cardholder
data over which Lethoff programs have control are
deleted from in-store POS systems as soon as the
transaction is completed and no longer required for
settlement. It is always encrypted while transiting
from the store to the data center. All connections
transporting cardholder data are encrypted to meet or
exceed CISP/PCI requirements. The Lethoff Data Centers
are audited annually and scanned quarterly by PCI
certified auditors to insure continual compliance with
current CISP/PCI requirements.
|
