Our PCI DSS Compliance Statement
Pronto Woven is a PCI DSS Level 1 certified Service Provider. Pronto Woven’s PCI DSS responsibilities as a Service Provider are outlined in the Attestation of Compliance (AOC) as independently audited by Pronto Woven’s Qualified Security Assessor (QSA). To view the PCI DSS certificate please click here.
Pronto Woven has implemented technologies that establish configuration settings for connectivity with Pronto Woven’s Payment Gateway technologies for our Merchants. Merchants exactly using Pronto Woven’s configuration settings with Pronto Woven’s Payment Gateway technologies will have completely outsourced their cardholder data functions. Pronto Woven protects sensitive customer cardholder information and data in line with the Payment Card Industry Security Standards Council (PCI SSC) who “develop and drive adoption of data security standards and resources for safe payments worldwide” [1].
Pronto Woven Merchants may have other PCI DSS responsibilities that are independent of Pronto Woven’s Payment Gateway technologies. It is the Merchants sole responsibility to remain informed of their PCI DSS obligations and compliance status. Merchants should always consult their own Information Security professionals to review the security of the Merchant’s business where required. A Qualified Security Assessor (QSA) should be consulted if the Merchant manages other sensitive customer cardholder data. If the Merchant uses the Pronto Woven technologies in other ways not approved by Pronto Woven that incorporates the collection of customer cardholder data, then the merchant should similarly consult their own information security professionals.
PCI DSS is a comprehensive set of requirements created by the PCI SSC [2] to enhance cardholder data security and to ensure the safe handling and storage of sensitive customer cardholder data. Maintaining security of cardholder data is very important to Pronto Woven. Pronto Woven’s PCI DSS responsibilities are independently audited by Pronto Woven’s Qualified Security Assessor (QSA).
[1][2] For further information please visit the official PCI SSC website.
Visit the Pronto Software website for more details concerning Pronto Software’s security statements and certifications.