PCI Compliant Furniture Retail Software
- Safeguard your business from the threat of data breaches and associated financial liability
- Operate your business with secure technology systems
- Protect the identity and secure the credit of your valued customers
- Gain consumer confidence and trust as they process payments with your business
Secure Your Business with PCI Compliant TechnologiesRequest a Demo
Are you are in the market for technology solutions designed with security standards that protect you as well as your valued customers? Fill out the form to learn more about STORIS Point of Sale and eCommerce Solutions.
Payment Card Industry Security Standards Council
The PCI Security Standards Council sets best practices and certifies information systems regarding their handling of sensitive consumer data.“The PCI Security Standards Council (PCI SSC) is a global forum that brings together payment industry stakeholders to develop and drive adoption of data security standards and resources for safe payments worldwide.” The Council was founded in 2006 by American Express, Discover, JCB International, MasterCard and Visa Inc. We encourage you to learn more about their efforts here.
STORIS Develops for PCI Compliance
We prioritize certification efforts for each release of our STORIS Unified Commerce Solution and eSTORIS Integrated eCommerce Platform. This is to assure we are delivering technology that upholds industry standards of excellence as our retailers process consumer payments and personal data. STORIS follows the high standards set by the PCI Security Council when developing our solutions. We also complete formal certifications with qualified auditors on our final technology deliverables.
Protection of Cardholder Payment Data
According to the PCI Security Standards Council, technology is one of the pillars of global security. They note that retailers should, “make sure you are using the right technology and implementing it correctly to get the best security and business benefits (…) including Point of Sale vendors and hardware and software developers.”
PCI-DSS: Payment Card Industry Data Security Standard
STORIS meets the requirements of the PCI-DSS certification for our company and solutions. This includes maintaining system security, protecting cardholder data processed through our POS, restricting access to cardholder data, tokenizing and encrypting data transmissions, utilizing anti-virus programs, developing our solutions with security standards, regularly testing security procedures, and maintaining security policies and training across our entire organization.
Further, STORIS received the HyperSecur® PCI Compliance Validation Certificate, which is the PCI-DSS Service Provider Level 2 certification specifically to support our hosted eSTORIS eCommerce infrastructure.
PCI PA-DSS: Payment Application Industry Data Security Standard
PCI Validated Payment Applications are payment software products that have been validated as meeting the Payment Application Data Security Standard (PA-DSS). STORIS meets the requirements of the PCI PA-DSS certification for solutions that enable our retailers to process consumer data. We have upheld these standards for over a decade, since Release 8.8. STORIS partners with Shift4 Payment Processing Solutions to enable EMV Credit Card Processing that meets PCI PA-DSS.
Security Management Program
STORIS is committed to ensuring the greatest level of security for our clients and STORIS team members. STORIS has passed our annual Datassurant Enterprise Security Management Program (SMP) recognition. It is vital to maintain the security standards of our internal organization alongside PCI protocol. Datassurant’s full audit provides compliance validation services to ensure STORIS’ technologies meet the above-referenced requirements for PCI-DSS, PA-DSS, and other major security requirements.
STORIS successfully passed the Enterprise SMP assessment, analysis, and security intelligence services consistent with International Organization for Standardization (“ISO”) standard 27002 and the SMP controls related to several areas such as data classification, data handling, data disposal, access rights and privileges, change control, change management, business continuity, disaster recovery, incident response, and security awareness training.