Customer Data Protection Program
As a leading service provider for transaction processing and payment solutions, TRANSFIRST established a comprehensive customer data protection program in 2002 and became an early CISP Compliant Service Provider, validated as being compliant with the VISA USA Cardholder Information Security Program in 2003, as well as the MasterCard Site Data Protection Program.
TRANSFIRST considers data protection a primary success factor in serving its merchants. An effective data protection program:
- Reduces the risk of fraud
- Enhances the merchant image as a trusted vendor
- Enables the merchant to achieve compliance with card processing operating agreements
- Enables TRANSFIRST to maintain compliance with card association compliance requirements as well as other state and federal consumer privacy regulations
To achieve these goals, TRANSFIRST maintains a comprehensive security program that is audited each year by a Qualified Data Security Company (QDSC) to validate compliance with Payment Card Industry Data Security Standards (PCI DSS). The successful PCI audits validate TRANSFIRST's compliance with Visa's CISP (Cardholder Information Security Program) and MasterCard's SDP (Site Data Protection) programs. The PCI DSS audit also validates compliance with other card brand data protection programs.
As a valued customer of ours, the security of your business is also very important to us. TRANSFIRST has partnered with SecurityMetrics, an Approved Scanning Vendor (ASV) and Qualified Security Assessor (QSA), to assist our merchants with the PCI Data Security requirements set forth by Visa and MasterCard. All merchants who store, process, or transmit cardholder data are required to ensure that their cardholder data is secure. In order to ensure your security, you may be contacted by us or SecurityMetrics regarding this program. Additional information regarding SecurityMetrics can be obtained at their website, www.securitymetrics.com.
PCI Data Security Standards
The data security standards are summarized below.
Build and Maintain a Secure Network
- Install and maintain a firewall configuration to protect data
- Do not use vendor-supplied defaults for system passwords and other security parameters
Protect Cardholder Data
- Protect stored data
- Encrypt transmission of cardholder data and sensitive information across public networks
Maintain a Vulnerability Management Program
- Use and regularly update anti-virus software
- Develop and maintain secure systems and applications
Implement Strong Access Control Measures
- Restrict access to data by business need-to-know
- Assign a unique ID to each person with computer access
- Restrict physical access to cardholder data
Regularly Monitor and Test Networks
- Track and monitor all access to network resources and cardholder data
- Regularly test security systems and processes
Maintain an Information Security Policy
- Maintain a policy that addresses information security
Additional information about the Payment Card Industry standards and merchant requirements for program compliance can be obtained at the VISA and MasterCard websites.