G2a. Is ConnectBooster PCI Compliant? – MSP Version

G2a. Is ConnectBooster PCI Compliant? – MSP Version

Why you do not have to worry about annual Payment Card Industry compliance questionnaires and fees.

  • We provide:
    • No fees for merchants who complete their PCI questionnaire – say good-bye to PCI compliance fees!
    • Simple, easy-to-understand questionnaires that take just minutes, not hours, to complete.
    • Instant results about your compliance status.
    • Information you can use – useful tips for safeguarding your business and your customers
  • The short answer is that ConnectBooster has a much stricter standard of data security than what is required by PCI compliance.
  • It’s so strict in fact, that we do not even house your ACH or credit card numbers on our servers.
  • We work work with Clearent, a merchant services provider. The company keeps your data stored in a Customer Vault system that not only is protected against hackers, but no one at ConnectBooster can even gain access. So even though we facilitate payments between you and your clients, we never see nor have access to the physical numbers. So you can tell your customers that data is totally safe as well from the people who created the portal, and you.

Why do we not simply follow basic PCI compliance, and instead opt for something far superior?

  • The Payment Card Industry (PCI) Data Security Standard (DSS) was created to help protect cardholder data that is processed, stored or transmitted by merchants. While compliance is mandatory, it can be confusing, expensive and time consuming.
  • You may be unsure of what you need to do to bring your business into compliance, and the monthly or annual PCI compliance fees that you’re paying may be of questionable value. So we decided to work with a merchant services provider that cuts through the clutter and makes it easy, and in our opinion far more secure.

What exactly is a Customer Vault vs. PCI compliance?

  • The Customer Vault was designed specifically for businesses of any size to address security concerns about handling customer payment information.
  • Visa and MasterCard have instituted the Payment Card Industry (PCI) Data Security Standard to protect cardholder data–wherever it resides–ensuring that members, merchants, and service providers maintain the highest information security standard.
  • These associations have also deemed that merchants will be held liable for any breach of cardholder data. This has become a major concern for merchants who may handle credit card or electronic check payments, but are looking to avoid the tremendous costs and resources involved in becoming PCI compliant.
  • The Customer Vault allows merchants to transmit their payment information through a Secure Sockets Layer (SSL) connection for storage in our Level 1 PCI certified data facilities. Once the customer record has been securely transmitted to the Customer Vault, the merchant can then initiate transactions remotely without having to access cardholder information directly. This process is accomplished without the merchant storing the customer’s payment information in their local database or payment application.
  • Furthermore, using the ConnectBooster Browser Redirect Method in conjunction with the Customer Vault allows merchants to process transactions without transmitting any payment information through their web application. This unique approach provides best of class application flexibility without any PCI compliancy concerns.