PCI Compliant

RocketGate is a Tier 1 certified Payment Card Industry (PCI) compliant service provider.

The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that all companies that process, store or transmit credit card information maintain a secure environment. The PCI DSS is administered and managed by the PCI SSC, an independent body that was created by the major payment card brands (Visa, MasterCard, American Express, Discover and JCB.).  It is important to note, the payment brands and acquirers are responsible for enforcing compliance, not the PCI Security Standards Council. 

 

PCI Solutions for RocketGate merchants:

1. Hosted Page

RocketGate collects the credit card information on your behalf so you can reduce the scope of your PCI compliance efforts because you are not storing or transmitting sensitive data.

See the lifecycle of a Hosted Page Transaction 

 

2. Hosted Form

Credit card data is entered by the customer and then is transmitted directly to RocketGate. You are no longer required to be PCI compliant because you are not processing or transmitting sensitive data.

See the lifecycle of a Hosted Form Transaction
 

3. Tokenized Payment Processing

RocketGate returns a unique token after the initial transaction that allows you to process subsequent transactions without storing credit card data. 

You are no longer required to be PCI compliant because you are not processing, storing or transmitting sensitive data.

See the lifecycle of a Tokenized Transaction

 

Here are the Payment Card Industry (PCI) Data Security Standard set out by the consortium of card issuers known as the PCI Security Standards Council:

PCI Data Security Standard

Build and Maintain a Secure Network
  1. Install and maintain a firewall configuration to protect data
  2. Do not use vendor-supplied defaults for system passwords and other security parameters

Protect Cardholder Data
  1. Protect stored data
  2. Encrypt transmission of cardholder data and sensitive information across public networks

Maintain a Vulnerability Management Program
  1. Use and regularly update anti-virus software
  2. Develop and maintain secure systems and applications

Implement Strong Access Control Measures
  1. Restrict access to data by business need-to-know
  2. Assign a unique ID to each person with computer access
  3. Restrict physical access to cardholder data

Regularly Monitor and Test Networks
  1. Track and monitor all access to network resources and cardholder data
  2. Regularly test security systems and processes

Maintain an Information Security Policy
  1. Maintain a policy that addresses information security

 

By complying with the PCI Data Security Standard, Visa members, merchants, and service providers not only meet their obligations to the payment system, but also build a culture of security that benefits everyone.
 
 

Additional Information:

Certified Tier 1 Provider

RocketGate is a Tier 1 PCI Compliant service provider.

 

PCI Data Security Standard

RocketGate conforms to the PCI Data Security Standard. 

 

RocketGate protects your data so you can sleep at night.