
STATEMENT OF DOUBLEKNOT'S PCI DSS COMPLIANCE

Doubleknot's data security standards are adopted from the Payment Card Industry Data Security Standard (PCI DSS). PCI DSS is a worldwide information security standard defined by the Payment Card Industry Security Standards Council, an organization whose members include American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. International. The standard applies to organizations that process payments and is intended to prevent fraud through increased controls around data and its exposure to compromise. While PCI DSS is not law, Doubleknot is required to maintain PCI DSS Level 3 compliance to process payment transactions. Doubleknot maintains PCI DSS Level 3 compliance for all payment transactions and all personally identifiable data.

Validation of Doubleknot's compliance is performed by Security Metrics, Inc., and compliance is assessed quarterly. The validation covers the following twelve topics of data security, and within each topic there are a number of requirements that must be met. Failure to meet any single requirement results in non-compliance.

  1. Maintain a firewall configuration to protect data
  2. Do not use vendor-supplied defaults for system passwords and other security parameters
  3. Protect stored personally identifiable and payment data
  4. Encrypt transmission of personally identifiable and payment data across open, public networks
  5. Use and regularly update anti-virus software
  6. Develop and maintain secure systems and applications
  7. Restrict access to personally identifiable and payment data by business need-to-know
  8. Assign a unique ID to each person with computer access
  9. Restrict physical access to personally identifiable and payment data
  10. Track and monitor all access to network resources, personally identifiable data and payment data
  11. Regularly test security systems and processes
  12. Maintain a policy that addresses information security

Compliance is enforced by the entities that facilitate our payment transactions: the card brands we accept (Visa, MasterCard, Discover and American Express) and our acquirers (PayPal, Inc. and Authorize.net, Inc.). If Doubleknot becomes non-compliant, one or more of the card brands we accept or our acquirers can stop our ability to process payments, increase our audit requirements and/or assess a fine of up to $500,000.

Doubleknot has maintained PCI DSS compliance since 2006.

Doubleknot LLC
1300 Sixth Ave, Suite 100 | Columbus, GA | 31901
Phone (888) 839-8150 | Fax (408) 741-1000 | support@doubleknot.com
© 2016-2022 Doubleknot LLC. All rights reserved.

 
