PCI SecureSite, is an integrated e-commerce compliance solution that secures merchant transactions at every critical juncture – from the web hosting provider to the shopping cart to the payment gateway. Ambiron and Mercantec have submitted a formal report to Visa USA for validation of the solution as the industry’s first official “end-to-end†compliance solution. Bank and ISO Benefits For acquiring banks and Independent Sales Organizations (ISOs) who underwrite and manage thousands of merchants, the integrated solution provides assurance that their merchants and service providers are operating in a manner consistent with the industry data security standards, thereby reducing the risk of fraud among their merchant population. Merchant Benefits For small merchants – Payment Card Industry (PCI) Level 3 and Level 4 merchants – who adopt the integrated solution for the transaction process, their compliance with card association data security standards would be automatically validated. As a result, the risk of unauthorized access to cardholder data they process, store and/or transmit would be significantly reduced along with the risk that they will be fined for non-compliance with industry data security standards. PCI SecureSite is comprised of four distinct components: Shared Web Hosting, Storefront Software Application/Shopping Cart, Payment Gateway, and Qualified Security Assessor and Scanning. * WebXess (Shared Web Hosting) – WebXess provides infrastructure that hosts the storefront software application. For the integrated solution, WebXess is responsible for all physical security, provisioning, access controls to their servers, server configurations and device management. In addition, WebXess is responsible for ensuring that the e-commerce software application is implemented in accordance with Mercantec’s instructions, and in a manner that supports compliance with the PCI. * Mercantec (Storefront Software Application/Shopping Cart) – Mercantec’s PowerCommerce 2005 is the storefront software and shopping cart element of the integrated solution. It has been validated by Visa USA as an approved application in conjunction with Visa’s Payment Application Best Practices (PABP) standard. Mercantec is also responsible for ensuring that their PowerCommerce 2005 is securely and seamlessly integrated with compliant payment gateways. * Authorize.Net (Payment Gateway) – Authorize.Net provides Internet Protocol (IP) based payment gateway solutions-enabling merchants to authorize, settle and manage electronic transaction--for the integrated compliance solution. Authorize.Net has been validated for compliance with Visa USAs Cardholder Information Security Program (CISP). * Ambiron (Qualified Security Assessor) - Ambiron has been engaged as the Qualified Security Assessor (QSA) to validate the compliance of the Integrated Compliance Solution. Ambiron’s responsibilities include assessing the integration of the component parts, conducting physical and technological assessments consistent with the PCI auditing procedures, and conducting monthly Vital Signs security scans as required by the PCI. Ambiron is a QSA for all the card associations.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now