Comarch Loyalty Management receives certificate of compliance with PCI-DSS requirements
The Comarch CLM loyalty system was granted a certificate of compliance with the PCI-DSS (Payment Card Industry Data Security Standard) and PABP (Payment Application Best Practices) standards during an implementation carried out for a customer in the US.
The certificates are determinants of security for IT systems and organizations that process transactional data during card payments. They have been created in order to prevent all sensitive data leaks, and to minimize the risk of hacking into systems and all crimes related to this.
- Because Comarch’s latest customer is a financial institution, it was important to guarantee security while the CLM application is storing information regarding customers' credit cards, as well as their numbers, which perform the function of unique IDs in the loyalty program - states Marcin Warwas, Vice President of the Services Business Unit, Comarch SA.
In the context of IT systems, the PCI-DSS standard specifies not only the data, but also the way in which it can be stored and more complex issues related to e.g. part of the data being hidden while displaying the frequency of the exchange of encoding keys, their length and the process of creation and testing of applications. The system’s task is to allow for tracking changes of data introduced by the staff operating the program and also to block any attempts to modify user family members account data.
- Throughout the work related to choosing the most appropriate data encoding mechanisms, many variants were considered, including the usage of hardware solutions. However, we have decided to implement the appropriate functions directly into the application. Therefore, a costly and complex encoding infrastructure will not be required for this and future implementations - explains Marek Zyzik, the Project Manager.
The PCI-DSS standard was initiated by companies including American Express, JCB International, MasterCard and Visa. This confirmation of the compliance of Comarch Loyalty Management with these guidelines opens new possibilities for expansion of this product.