Payment Card Industry Data Security Standard (PCI DSS)
|
PCI DSS is a multifaceted set of comprehensive security requirements for enhancing
payment account data security. If your organization accepts, processes, or stores credit
card information, you must comply with the standards set by the PCI DSS.
You must validate your compliance periodically. Failure to comply with this standard
can result in fines or risk your ability to process credit card payments.
|
Futurex Hardware Security Module and Key Management solutions are designed to encrypt
and store all your sensitive data securely within our Tamper Resistant Security Module, which is designed to meet:
- ANSI X9.24
- FIPS 140-3 level 3
- PCI compliant specifications
Learn more about how Futurex
Hardware Security Modules and
Key Management Servers
solutions can help you meet the PCI DSS compliance standard.
|
Federal Information Processing Standards (FIPS 140-2 Level 3)
|
This is a U.S. government security standard that accredits cryptographic modules used with a
security system protecting sensitive, but unclassified, information.
The Level 3 aspect adds requirements for physical tamper-resistance and identity-based
authentication. It also has requirements for a physical or logical separation between
the interfaces by which "critical security parameters" enter and leave the module,
and its other interfaces.
Selecting a data encryption device that does not meet this high-level security standard could leave you and
your highly sensitive data vulnerable.
|
Being FIPS 140-2 Level 3 standard means that our products are amongst the most highly secure devices in the industry.
All Futurex products fully adhere to the ANSI X9.24 definition of being a Tamper Restraint Security Module and all
sensitive data is stored within that cryptographic boundary. This guarantees that you are getting the most secure
encryption solution in the industry.
An independent third party (NIST) has validated the capabilities of our Hardware Security Modules, awarding them with a FIPS 140-2 Level 3 validation.
Learn more about our FIPS 140-2 Level 3 Hardware Security Modules and
Key Management Servers and which one can fit your
needs.
|
TR-39 / Network Audits
|
TR-39 is an ANSI-based technical audit of PIN debit transactions within Automated Teller
Machine (ATM) or Point of Sale (POS) environments.
If you deal with PIN debit transactions within ATM or POS environments and/or maintain a
processing network that connects directly to an online debit network for transaction
processing then you must comply with TR-39. The audit is now mandatory by all major
Electronic Fund Transfer (EFT) networks such as Star, NYCE and Pulse of their members
on a bi-annual basis.
|
Our Solutions Architects and Xceptional Support team members are TR-39 certified and can
help you fully prepare for your internal and external network audits.
Having certified auditors on staff is just another example of the high standards that
have been established to provide our customers with compliance based solutions.
Futurex is also a member of the ANSI X9.24 committee, which ensures that our data
encryption solutions are not only compliant today, but in the future as well.
Learn more about Futurex Xceptional Support and how our dedicated team can help you with your business needs.
|
