ACI Worldwide
 
case studies products News and Events services trends support
Home
 

Internet-based hacking, theft of cardholder information, and the resulting liability and losses from identity theft and fraud have dramatically increased in recent years. In October 2006, the Privacy Rights Clearinghouse revealed that more than 330 data loss incidents involving more than 93 million individual records occurred since February 2005. Moreover, the cost of each data breach ranged from less than US$1 million to more than US$22 million. Following several years of high-profile stories about payment card security breaches, there is concern that consumers will lose confidence in payment cards.

In response to the data security breaches, the card associations have mandated standards and best practices for the protection of cardholder data. In 2004, the card associations coordinated their individual requirements into a standard set of documents now shared by American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa. This effort yielded the primary documents for the Payment Card Industry (PCI) Data Security Standard (DSS) and the Payment Card Industry Application Best Practices (PABP).

The PCI DSS aims to create cardholder confidence in payment cards by ensuring their cardholder information is secure at every stage of the transaction process. The DSS doesn't require technology changes but rather adherence to known best practices.

The organizations behind the PCI Standard not only develop technical specifications, but they also have set a series of objectives and deadlines. For example, by 30 June 2007, all retailers, financial services institutions and businesses that accept card payments must be compliant with the PCI Standard, although some regions set earlier deadlines. Noncompliant organizations face the threat of substantial brand damage, loss of customers, fines or even exclusion from accepting card payments because of the risk of losing cardholder data.

ACI Worldwide can help organizations achieve PCI compliance. Application and transaction security have always been a critical part of ACI's product design strategy. ACI’s PCI assessment program is just one part of a proactive strategy to address today's evolving security standards. ACI has also developed best practice guidelines on areas such as access security and has modified internal procedures to meet these standards.

PCI Compliant ACI products:

BASE24-atm ®
BASE24-pos ®
ACI RetailCommerce ServerTM

Where To Find More Information:

The PCI DSS can be downloaded from the PCI Security Standards Council’s Web site.

Each card association has its own program of enforcement. Information about the individual card association programs can be found at:

Contact us to learn more about PCI compliance.
 


 
   
 
company | contacts | careers | investors | user groups | partners | search | home
 
solutions | case studies | products | news and events | trends | support | site map
   
  The entirety of this Web site is copyright © 2008 ACI Worldwide, Inc.
All products are trademarks or registered trademarks of their respective companies.   Disclaimer
Web site comments/questions? Click here to contact the Webmaster.