Beyond Borders - OCTA


PCI DSS Compliant

PCI DSS ensures the secure handling, storage, and transmission of cardholder information.

Security at Octa

At OCTA, security is our top priority. We are dedicated to creating and maintaining a secure environment to store and process data for our Merchants and their Customers. Our commitment to security is unwavering, and we continually review and enhance our internal processes and controls to align with the highest industry standards.

We are proud to be compliant with PCI DSS standards, reflecting our dedication to securing payment card data and related transactions. This compliance is a testament to our stringent security measures and protocols, which are designed to protect the cardholder data we handle.

Controls

Firewall Security

Firewalls have been added and activated within the system.

Identified all unsafe protocols, services, and allowed ports in the Business Environment.

Installed personal firewalls or equivalent software on user devices.

Password Security

Changed default passwords on routers, software, and hardware.

Passwords have the maximum security.

All systems are MFA protected.

Encryption

Used hashing, truncation, and strong cryptography to make PAN unreadable wherever stored.

Ensured that sensitive authentication data is not stored post-authorization.

Used strong cryptography and security protocols for protecting cardholder data over public networks.

Data Security

Developed a data retention policy specifying data storage locations and safe deletion methods.

Ensured that sensitive authentication data is not stored post-authorization.

Log and monitor all access to system components and cardholder data.

Access Management

Provided multi-factor authentication for admins.

Ensured cloud containers storing cardholder data are accessible only by programmatic methods.

Limited access to system components and cardholder data based on business needs.

FAQ

What is PCI DSS and how is OCTA compliant?

How does OCTA ensure the security of cardholder data?

What does ISO 27001 certification mean for Octa's security posture?

How can I access Octa's compliance reports and documentation?

What is SOC 2 compliance, and why is it important for Octa?

Sahl - Compliance made Easy
