PCI Compliance

The Payment Card Industry (PCI) Data Security Standard (DSS) is a set of requirements designed to ensure that all companies that process, store, or transmit credit card information maintain a secure environment.  All companies that have been issued a merchant ID from Forte must meet this standard and submit a certificate of compliance from a third-party auditing firm proving that they have met it.

PCI certification involves a review of the merchant’s internal procedures for gathering credit card information from its customers, where that information is stored, and who has access to it, as well as a review of the network on which the information is held.  Running the PCI Compliance program within SedonaOffice is one small piece of meeting those certification requirements.  Please contact Forte directly for information on how certification can be achieved and from which companies it will accept a PCI Compliance Certificate.

All credit card and bank draft information is entered directly into Forte’s payment system.  No credit card or bank information is held within the SedonaOffice database.  When a new customer credit card or bank account is saved within SedonaOffice, Forte issues a token to SedonaOffice.  A token is a series of letters and numbers that cannot be mathematically translated into a customer’s credit card or bank account number.  The token is held on the customer’s record within SedonaOffice as a reference that Forte uses to look up the customer’s credit card or bank account within its system when a transaction is submitted.