We use cookies to give you the best browsing experience and to help us understand how you use our site. Cookies are small snippets of data stored on your computer and some have already been set. By continuing to use our website you are accepting our use of cookies. To find out more, read about cookies

Please note

We cannot answer specific queries about your account here. For Account queries please

Your selected question

Barclaycard keep pushing me to become PCI DSS compliant but are Barclaycard compliant themselves?

 

All our card machine products are in line with the PTS Standard. In addition, it’s our responsibility to ensure we comply with the PTS throughout the life of the solution.

Barclaycard Payment Gateways (also known as Barclaycard Smartpay A, B, S, and Smartpay I/ePDQ) are compliant with the Payment Card Industry Data Security Standard.

The Solve DataShield P2PE Solutions for VeriFone and Ingenico are also compliant with the P2PE standard. (Search under Company tab “The Logic Group”)

Authorisation is the point at which the transactions exit the merchant’s environment and enter into either the fully PCI DSS Compliant BT Cardway or TNS connectivity solutions. TNS and BT forward the transactions into Barclays Secure Data Centres for processing and onward routing into the appropriate Card Scheme (VISA/MasterCard/etc.) via their respective dedicated devices, which are also hosted in our Barclays Secure Data Centres.

Settlement is the point at which the settlement file exits the merchant’s environment and enters into the fully PCI DSS Compliant TNS connectivity solutions. TNS then forwards the settlement files into Barclays Secure Data Centres for processing and onward routing into the appropriate Card Scheme (Visa, Mastercard, etc.) via their respective dedicated devices, which are also hosted in our Barclays Secure Data Centres.

Barclaycard Payment Solutions acknowledges that it is responsible for the security of transaction data submitted by the merchants to Barclaycard Payment Solutions whilst in the Barclaycard Payment Solutions environment to the extent it is stored, processed and transmitted by Barclaycard Payment Solutions on the merchants’ behalf in accordance with the responsibility matrix below:

Description of the services where Barclaycard Payment Solutions is a service provider to the Customer

Card Data Activity

Relevant PCI DSS Requirements of Customer which are performed by Barclaycard Payment Solutions to the extent applicable

Barclaycard Payment Solution Responsibilities

Managed payment services

Storage, processing and transmission of cardholder data

1. Install and maintain a firewall configuration to protect cardholder data

2. Do not use vendor-supplied defaults for system passwords and other security parameters

3. Protect stored cardholder data

4. Encrypt transmission of cardholder data across open, public networks

5. Protect all systems against malware and regularly update anti-virus software or programs

6. Develop and maintain secure systems and applications

7. Restrict access to cardholder data by business need to know

8. Identify and authenticate access to system components

9. Restrict physical access to cardholder data

10. Track and monitor all access to network resources and cardholder data

11. Regularly test security systems and processes

12. Maintain a policy that addresses information security for all personnel

 

 

 

 

 

How useful did you find the answer given?

Not at all Very useful