PCI/DSS Compliance

PCI/DSS Compliance.

The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information-security standard for organizations that handle branded credit cards from the major card schemes including Visa, MasterCard, American Express, Discover, and JCB.

The PCI Standard is mandated by the card brands and administered by the Payment Card Industry Security Standards Council. The standard was created to increase controls around cardholder data to reduce credit card fraud.

Validation of compliance is performed annually, either by an external Qualified Security Assessor (QSA) that creates a Report on Compliance (ROC) for organizations handling large volumes of transactions, or by Self-Assessment Questionnaire (SAQ) for companies handling smaller volumes.

True Digital Security, Inc. has provided PCI-DSS consulting and security testing services to support our digital platform's annual PCI-DSS compliance program.

The True Digital Security engagement and scope are documented in the attached letter from True Digital Security.

Click here to view iDonate's PCI-DSS Compliance letter.

Information related to PCI Compliance can be found on the PCI website: https://www.pcisecuritystandards.org/pci_security/