Beyond Borders - OCTA

ISO 27001:2022

ISO 27001 provides a framework for securing consumer data through an Information Security Management System (ISMS).

SOC 2

SOC 2 defines standards for data protection, availability, integrity, confidentiality, and privacy.

PCI DSS Compliant

PCI DSS ensures the secure handling, storage, and transmission of cardholder information.

Firewall Security

Firewalls have been added and activated within the system.

Identified all unsafe protocols, services, and allowed ports in the Business Environment.

Installed personal firewalls or equivalent software on user devices.

Data Security

Developed a data retention policy specifying data storage locations and safe deletion methods.

Ensured that sensitive authentication data is not stored post-authorization.

Logged and monitored all access to system components and cardholder data.

Password Security

Changed default passwords on routers, software, and hardware.

Passwords have the maximum security.

All systems are MFA protected.

Controls

Encryption

Used hashing, truncation, and strong cryptography to make the PAN unreadable wherever it is stored.

Ensured that sensitive authentication data is not stored post-authorization.

Installed personal firewalls or equivalent software on user devices.

Access Management

Provided multi-factor authentication for admins.

Ensured cloud containers storing cardholder data are accessible only by programmatic methods.

Limited access to system components and cardholder data based on business needs.

Security at Octa

At OCTA, security is our top priority. We are dedicated to creating and maintaining a secure environment to store and process data for our Merchants and their Customers. Our commitment to security is unwavering, and we continually review and enhance our internal processes and controls to align with the highest industry standards.

We are proud to uphold the highest standards of data security by being compliant with PCI DSS Level 1, SOC 2, and ISO 27001:2022. Our commitment extends beyond securing payment card data to encompass all aspects of organizational and customer data security. This compliance underscores our stringent security protocols and measures, diligently designed to protect not only cardholder data but also all sensitive information we handle.

FAQ

What is PCI DSS and how is OCTA compliant?

How does OCTA ensure the security of cardholder data?

What does ISO 27001 certification mean for Octa's security posture?

How can I access Octa's compliance reports and documentation?

What is SOC 2 compliance, and why is it important for Octa?

Sahl - Compliance made Easy