Kount Receives PCI Compliance Certification10-Jun-2008
This is an important distinction because it confirms that Kount meets the criteria put forth by the credit card industry's PCI Security Standards Council, an open global forum for the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection.
Kount engaged Trustwave, a third-party company recognized as a Qualified Security Assessor by the PCI Security Standards Council, to perform the PCI compliance audit. After a thorough assessment of Kount, Trustwave confirmed that the online fraud control technology employs the highest security standards, therefore ensuring the safety of cardholder data.
"The effort we put into achieving certification under PCI has paid off," said Kount CEO Brad Wiskirchen. "PCI compliance gives our customers a level of assurance that is invaluable."
Wiskirchen said the following features were key to receiving PCI compliance certification:
- No storage of cardholder data - Kount does not store cardholder data. Instead, all cardholder data is permanently converted to a format not readable by humans, using a SHA-1 hashing algorithm. The hashed values are then transmitted to a secured server. This helps ensure that account numbers can never be compromised
- Secure application design - No cardholder data is received nor transmitted unencrypted and no personnel have access to cardholder data.
- Secure infrastructure design - The combination of fault tolerant systems and continuous operations ensures that the availability and security posture of Kount Inc. is never degraded during routine maintenance.
About the PCI Data Security Standard
The PCI Data Security Standard represents a common set of industry tools and measurements to help ensure the safe handling of card holder information and credit card data. Initially created by aligning Visa's Account Information Security (AIS)/Cardholder Information Security (CISP) programs with MasterCard's Site Data Protection (SDP) program, the standard provides a framework for developing a robust account data security process, including preventing, detecting and reacting to security incidents. In September 2006, the PCI Security Standards Council ("PCI SSC") became the recognized credit card industry standards organization to own, maintain and distribute the PCI Data Security Standard (DSS) and all its supporting documentation. More information on the PCI Data Security Standard and the PCI Security Standards Council may be found at: www.pcisecuritystandards.org.
Kount is an online fraud prevention tool that guards against online organized crime directed at F100 retailers and money transfer agents. It also pierces proxies through advanced geo location technology and reports changes in risk via dynamic scoring. Kount is a hosted application that works with any payment platform. Other features designed specifically for top internet retailers include customizable business rules for optimized performance and manual review automation tools. For more information about Kount, please visit www.kount.com.