Kount, a subsidiary of Boise, Idaho-based Keynetics Inc., today announced that the company has been fully-certified under the Payment Card Industry (PCI) Data Security Standard.
This is an important distinction because it confirms that Kount meets the criteria put forth by the credit card industry's PCI Security Standards Council, an open global forum for the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection.
Kount engaged Trustwave, a third-party company recognized as a Qualified Security Assessor by the PCI Security Standards Council, to perform the PCI compliance audit. After a thorough assessment of Kount, Trustwave confirmed that the online fraud control technology employs the highest security standards, therefore ensuring the safety of cardholder data.
"The effort we put into achieving certification under PCI has paid off," said Kount CEO Brad Wiskirchen. "PCI compliance gives our customers a level of assurance that is invaluable."
Wiskirchen said the following features were key to receiving PCI compliance certification:
- No storage of cardholder data -- Kount does not store cardholder data. Instead, all cardholder data is permanently converted to a format not readable by humans, using a SHA-1 hashing algorithm. The hashed values are then transmitted to a secured server. This helps ensure that account numbers can never be compromised
- Secure application design -- No cardholder data is received nor transmitted unencrypted and no personnel have access to cardholder data.
- Secure infrastructure design -- The combination of fault tolerant systems and continuous operations ensures that the availability and security posture of Kount Inc. is never degraded during routine maintenance.