These are some of the most common questions regarding security and PCI compliance in Bold Subscriptions. Select a question to view the answer.
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment.
Visit the PCI Compliance Guide FAQ for more details.
There are six main categories of requirements that must be met to be considered compliant; these are all met by the Supported Payment Gateways in Bold Subscriptions:
- Build and Maintain a Secure Network and Systems
- Protect Cardholder Data
- Maintain a Vulnerability Management Program
- Implement Strong Access Control Measures
- Regularly Monitor and Test Networks
- Maintain an Information Security Policy
In addition to this, Bold Subscriptions must adhere to a subset of the PCI Data Security Standards and has implemented controls in relation to the following (where applicable):
- Do not use vendor-supplied defaults for system passwords and other security parameters.
- Identify and authenticate access to system components.
- Restrict physical access to cardholder data.
- Maintain a policy that addresses information security for all personnel.
With Subscriptions and one of the Supported Payment Gateways in Bold Subscriptions together, you can be assured that you are adequately protected with industry-leading PCI compliance and security standards.
Bold Subscriptions is PCI compliant, uses industry-leading encryption techniques, and processes all personal information securely.
All Supported Payment Gateways in Bold Subscriptions are required to be PCI compliant as well; this is where the credit card information is processed and stored.
Yes, Subscriptions uses industry-standard and PCI-accepted TLS encryption for all checkout processes and logged-in customer activity.
Credit card information is not stored within Subscriptions; it is stored within your payment gateway. All Payment Gateways are required to be PCI compliant; our recommended Supported Payment Gateways in Bold Subscriptions (Stripe, Spreedly, and Braintree) are all fully PCI-compliant, level one service providers.