PCI Compliance

OmegaFi complies with industry standards . . . to keep your information safe . . . to protect your organization . . . to relieve you of complex and expensive compliance burdens . . . so you can accept credit and debit card payments.

What is PCI Compliance?

“PCI” stands for “payment card industry.” Any entity (including fraternal organizations) that accepts a debit or credit card payment is required to comply with the Payment Card Industry Data Security Standard (PCI DSS) developed by the PCI Security Standards Council.

The PCI Security Standards Council — which was founded by multiple payment card processors such as Visa®, MasterCard® Worldwide, and American Express® — developed the PCI DSS to enhance credit and debit card data security. These security standards include requirements for security management, policies and procedures, network architecture and other proactive measures to secure credit card information. Any organization that processes payment card information, must adhere to these security standards.

Being PCI-compliant helps protect your organization from incurring substantial fines and allows you to continue to accept donations and payments by credit card. To help you in your efforts of becoming PCI-compliant, OmegaFi offers various payment services for fraternal organizations.

To learn more about PCI DSS and download the latest specification and its supporting documents, visit www.pcisecuritystandards.org.

What has OmegaFi done to become PCI compliant?

OmegaFi complies with PCI DSS relieving you, in large part, of this regulatory burden. To assist, monitor and check our compliance efforts, OmegaFi works with TrustWave.

TrustWave is the leading provider of on-demand data security and payment card industry compliance management solutions to businesses worldwide. They assess our network infrastructure, security and they perform the PCI DSS validation for OmegaFi and the hosted solutions we provide to fraternal organizations and other clients.

Every OmegaFi application that processes, stores and transmits credit card numbers has been built to be PCI DSS compliant. We have implemented PCI standards regarding secure storage of data, strong access control and other requirements. We utilize a variety of techniques to maintain our PCI compliance including secure application development, regular vulnerability scans and penetration testing, robust patching, intrusion detection, monitoring and network security controls (such as firewalls).