PCI Certification and Compliance

Certified to Protect: Altech Card Solutions safeguards its customers against fraud

Alarming statistics released recently by the South African Banking Risk Information Centre (SABRIC) indicate that credit card fraud is on the rise locally, resulting in losses to the banking sector of R454 million in 2014 alone. Some of this fraud is as a result of increasingly sophisticated cyber-attacks. According to Verizon, a global leader in wireless telecommunications, many criminals still rely on techniques such as phishing and hacking to steal and utilise the personal information of cardholders.
Recognising the danger that fraud brings to its customers, Altech Card Solutions (ACS) has proactively embarked on renewing its PCI DSS V3 certification in an effort to position the company at the forefront of card fraud prevention. 
According to Attie van der Linde, General Manager: Integrated Transaction Solutions at ACS, it has become an operational and strategic imperative to invest in becoming PCI DSS certified in order to protect its customers’ cardholders against fraud. 

What is PCI DSS?
The Payment Card Industry Data Security Standard (PCI DSS) certification is a protective measure to optimise the security of credit and debit card transactions and protect cardholders against the misuse and abuse of personal information. 
The PCI Security Standards Council was launched in 2006 by the five founding global payment brands; American Express, Discover Financial Services, JCB International, MasterCard and Visa Inc. and is a requirement for all payment solutions providers.
As one of South Africa’s leading providers of payment acceptance terminals, card personalisation and financial transaction services, ACS has supplied payment terminals to the banking and retail industries since 1993 and undertakes regular internal policy and procedure audits to ensure the company is able to mitigate the level of fraud attempted against its customers.
“Our foremost priority is to protect the sensitive payment card information of the cardholders by equipping ACS’ systems with the correct software to safeguard against vulnerabilities such as malware or spyware,” says Attie. 

To gain certification, ACS was required to undertake specific measures such as:

  • Ensuring the networks used in the production and processing of card transactions are protected with reputable firewalls
  • Encryption of cardholder information including sensitive personal data such as a user’s name, address, phone number and date of birth 
  • Access to the system internally is restricted and monitored
  • A formal IT security policy is instituted, revised and circulated amongst all employees to ensure compliance

“Receiving the certification demonstrates that we embrace compliance. Our customers can trust us with the sensitive information and trust means our customers have confidence in doing business with us,” says Attie.