Beyond Borders - OCTA

ISO 27001

ISO 27001 provides a framework for securing consumer data through an Information Security Management System (ISMS).

SOC 2

SOC 2 defines standards for data protection, availability, integrity, confidentiality, and privacy.

PCI DSS Compliant

PCI-DSS ensures the secure handling, storage, & transmission of cardholder information.

Firewall Security

Firewalls have been added and activated within the system.

Identified all unsafe protocols, services, and allowed ports in the Business Environment.

Installed personal firewalls or equivalent software on user devices.

Data Security

Developed a data retention policy specifying data storage locations and safe deletion methods.

Ensured that sensitive authentication data is not stored post-authorization.

Logged and monitored all access to system components and cardholder data.

Password Security

Changed default passwords on routers, software, and hardware.

Passwords have the maximum security.

All systems are MFA protected.

Controls

Encryption

Used hashing, truncation, and strong cryptography to make PAN unreadable wherever stored.

Ensured that sensitive authentication data is not stored post-authorization.

Installed personal firewalls or equivalent software on user devices.

Access Management

Provided multi-factor authentication for admins.

Ensured cloud containers storing cardholder data are accessible only by programmatic methods.

Limited access to system components and cardholder data based on business needs.

Data Security

Developed a data retention policy specifying data storage locations and safe deletion methods.

Ensured that sensitive authentication data is not stored post-authorization.

Logged and monitored all access to system components and cardholder data.

Security at Octa

At OCTA, security is our top priority. We are dedicated to creating and maintaining a secure environment to store and process data for our Merchants and their Customers. Our commitment to security is unwavering, and we continually review and enhance our internal processes and controls to align with the highest industry standards.

We are proud to be compliant with PCI DSS standards, reflecting our dedication to securing payment card data and related transactions. This compliance is a testament to our stringent security measures and protocols, which are designed to protect the cardholder data we handle.

FAQ

What is PCI DSS and how is OCTA compliant?

How does OCTA ensure the security of cardholder data?

Can I view OCTA’s PCI DSS certification or report on compliance?
