Payment Card Industry Data Security Standard (PCI DSS)
Strict PCI DSS compliance is necessary for any business processing credit card payments. Therefore, Cleverbridge has maintained a PCI DSS compliant environment, and we are constantly checking to make sure that processes and scope remain compliant.
We do so by only accepting credit card orders submitted according to PCI DSS standards. Our platform supports submission of orders via state-of-the-art secure encryption layers, and we process all transaction requests and results via HTTPS. Cryptographic controls also provide effective mechanisms for protecting the confidentiality, authenticity and integrity of information – and our policies include the use of encryption and key management.
Our services also provide you with the following freedoms and benefits:
When you use Cleverbridge-hosted and operated payment pages, all credit card information is sent directly to Cleverbridge. This means that sensitive cardholder data never passes through your system. As a result, your company does not need to implement many of the strictest PCI DSS standards.
Substantial Cost Savings
Following PCI DSS regulations is absolutely necessary for accepting credit card payments, but compliance does not come cheap. When you partner with Cleverbridge, we cover the following PCI DSS compliance costs:
As estimated by Gartner for level 1 merchants (processing in excess of 6 million transactions of a single card type per year), implementation costs include:
- 200,000 USD for assessing the scope of required PCI DSS work (scope assessment during initial implementation)
- 600,000 - 1.1 million USD to meet the requirements
Recurring Auditing Fees
These hinge on a variety of factors – company size, number of transactions processed annually, existing infrastructure, credit card data scope, etc. Initial implementation is quite costly. For level 1 merchants, the average annual audit cost is 225,000 USD.
Avoidance of Violation Fines
We protect you from potentially catastrophic PCI DSS non-compliance fines, including:
- Up to 90 USD fine per cardholder data compromised
- Suspension of credit card acceptance
- Loss of brand reputation
- The cost of a PCI Qualified Forensic Investigator (130-200 USD per hour for a one- to two-year project)