Secure Payments Security Measures
Introduction
Payment Card Information (PCI) Data Security Standards (DSS) were created to protect consumers and their card information. Now, any company that stores, processes, or transmits card data must follow PCI compliance standards. LoanPro has made it easy to follow these standards with our sister software: Secure Payments. Secure Payments was developed to take payments and be PCI compliant so that the LoanPro loan management system (LMS) does not have to follow some of the more inconvenient rules. Secure Payments helps you protect your consumers while keeping LoanPro LMS efficient.
PCI Standards
- Install and maintain a firewall configuration to protect cardholder data
- Do not use vendor-supplied defaults for system passwords and other security parameters
- Protect stored cardholder data
- Encrypt transmission of cardholder data across open, public networks
- Use and regularly update anti-virus software or programs
- Develop and maintain secure systems and applications
- Restrict access to cardholder data by business need to know
- Assign a unique ID to each person with computer access
- Restrict physical access to cardholder data
- Track and monitor all access to network resources and cardholder data
- Regularly test security systems and processes
- Maintain a policy that addresses information security for all personnel
What are Secure Payments' Security Measure?
Secure Payments follows all PCI requirements. When you use secure payments to store, process, or transmit data you can rest assured that you will be PCI compliant. Secure Payments has the following features to make compliance easier for you:
- Automatic log-out after five minutes
- Password expiration after 90 days
- Frequent API token changes
- Field validations: ensures credit/debit card data is not being stored in unintended fields (also in place in LoanPro LMS)
Secure Payments is Not
Secure Payments is not a guarantee that your company will be PCI compliant. If all information is logged in Secure Payments or a Secure Payments Iframe, the information will be protected and compliant. When Secure Payments is used as intended it will keep your company PCI compliant.
What's Next?
For more information about Secure Payments in general, check out Secure Payments 101.