PCI DSS stands for Payment Card Industry Data Security Standard. It is the benchmark of card data security that companies must comply with in order to process card transactions from the major credit card brands. Judopay is PCI Level 1 compliant, adhering to the most stringent of card security measures.
Yes. Judopay’s processing systems are PCI Data Security Standard (PCI-DSS) Level 1 compliant. This is the most stringent level of security certification available for card payment companies.
We only allow trusted businesses to process card payments with Judopay. This starts with underwriting your account at sign up and continues through every transaction.
You can learn more about PCI’s requirements here.
Judopay processes your card details based on an encrypted digital token.
Your customer's sensitive payment information is converted into a secure token. This allows card data relating to a transaction to be stored, without storing the full card details.
SSL (Secure Sockets Layer) is the standard security technology used for establishing a link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral.
SSL ensures that any data passed between your customer's web server and web browser remains private, giving them the peace of mind that they can purchase from you safely and securely. In order to process card payments, you will also need to be PCI compliant. Since Judopay is level 1 PCI compliant - the highest measure of card security - all you need to have is the safety of SSL and we will take care of the rest.
Judopay is a PCI Level 1 compliant company and is committed to providing a secure and reliable service. Our internal monitoring procedures ensure that any suspicious activity is swiftly flagged and investigated.
We will always endeavour to resolve any issues with the merchant directly, but sometimes we will work with VISA and MasterCard to investigate more serious cases.
Address Verification Service or AVS is a security method used to verify the address of a person claiming to own a credit card. The system checks the billing address supplied by the customer during the transaction with the address on file at the credit card company.
A comprehensive definition of AVS and how it works in the UK and elsewhere can be found here.
You should evaluate the unique aspects of your services to help minimize fraudulent activity such as by imposing limits on new customer activity, utilising SSL encryption and monitoring the geo-location of users.
To avoid possible chargebacks take the following points in to consideration:
Have clear return and refund policies and post them clearly.
Use a recognizable name when you register with Judopay.
Record your Judopay Receipt IDs on any other receipt documentation you produce in conjunction with a transaction.
Save any shipping records and carefully document major disputes you have with a customer.
A card token is an encrypted representation of your customer's card details which can be stored in your database without worrying about compliance issues. This card token can only be used with the associated consumer token.
A consumer token represents a single user that should be stored in association with the card token.
A single consumer token could have multiple card tokens associated with it, but a card token will only ever have a single consumer token associated with it.