Secure Payments Security Measures

Introduction

Payment Card Information (PCI) Data Security Standards (DSS) were created to protect consumers and their card information. Now, any company that stores, processes, or transmits card data must follow PCI compliance standards. LoanPro has made it easy to follow these standards with our sister software: Secure Payments. Secure Payments was developed to take payments and be PCI compliant so that the LoanPro loan management system (LMS) does not have to follow some of the more inconvenient rules. Secure Payments helps you protect your consumers while keeping LoanPro LMS efficient.

PCI Standards

  1. Install and maintain a firewall configuration to protect cardholder data
  2. Do not use vendor-supplied defaults for system passwords and other security parameters
  3. Protect stored cardholder data
  4. Encrypt transmission of cardholder data across open, public networks
  5. Use and regularly update anti-virus software or programs
  6. Develop and maintain secure systems and applications
  7. Restrict access to cardholder data by business need to know
  8. Assign a unique ID to each person with computer access
  9. Restrict physical access to cardholder data
  10. Track and monitor all access to network resources and cardholder data
  11. Regularly test security systems and processes
  12. Maintain a policy that addresses information security for all personnel

What are Secure Payments' Security Measure?

Secure Payments follows all PCI requirements. When you use secure payments to store, process, or transmit data you can rest assured that you will be PCI compliant. Secure Payments has the following features to make compliance easier for you:

  • Automatic log-out after five minutes
  • Password expiration after 90 days
  • Frequent API token changes
  • Field validations: ensures credit/debit card data is not being stored in unintended fields (also in place in LoanPro LMS)

Secure Payments is Not

Secure Payments is not a guarantee that your company will be PCI compliant. If all information is logged in Secure Payments or a Secure Payments Iframe, the information will be protected and compliant. When Secure Payments is used as intended it will keep your company PCI compliant.

What's Next?

For more information about Secure Payments in general, check out Secure Payments 101.


How did we do?


Powered by HelpDocs (opens in a new tab)