STAAH Is PCI DSS Certified: 4 Years In A Row
After completing another annual round of rigorous and comprehensive checks, we are pleased to announce that STAAH is PCI DSS Certified (Payment Card Industry Data Security Standard). The certificate was awarded after a full-scale audit by a qualified security assessor (QSA) as required to attain this certification. The QSA validated all areas of STAAH’s platforms that come in contact with card holder data to ensure proper controls and security measures are in place to protect the customer.
The PCI certification audit includes reviews of the following;
• How the
software is developed
• The process in which developers
are trained
• Technical and procedure controls
A full review and validation of the hundreds of PCI controls takes up to six months to complete.
“Data is fast becoming the single most important asset for all companies, and its protection is paramount,” says Gavin Jeddo, Founding Director of STAAH Ltd. “We recognise the importance of data and its security, being in an industry where online transactions are business critical. Getting the PCI DSS certification for the fourth year in a row demonstrates our promise to ensure data security is never compromised on a STAAH platform.”
Hotels and accommodation providers have been key targets of data breaches for many years – and there is one main reason for this; that is, credit card payments. The SSL certification on a website or security on third party payment site is not sufficient. Every programme used by properties must be secure.
This certification is a way to provide that layer of data security and prevent breaches that compromise business sensitive data.
What's the Difference between Compliant & Certified?
PCI compliance means a company has taken steps to help protect Card Holder Data (CHD) following the guidelines set by the PCI Council. Whereas PCI certification is a rigorous and comprehensive process that involves a full-scale audit by a qualified security assessor (QSA).
What Does PCI Certification Mean for My Business?
STAAH being fully PCI certified means that:
• Your guests can book with confidence knowing
that their card data is secure;
• You can have complete
peace of mind to trade using our technology; and
•
Banks are more likely to issue merchant facilities to your
property.
PCI DSS certification of your STAAH platforms is a key step in data security. However, there are other measures you could taking as a business to become PCI certified or compliant. Read more about PCI DSS here.
About STAAH
STAAH Ltd is a New Zealand-based technology company that specialises in cloud-based channel management and booking engine for accommodation providers to maximise online revenue. Founded by Gavin Jeddo in 2008, a pioneer in the field of distribution technology, STAAH’s industry-leading technology powers a property’s distribution through online travel agencies (OTA), direct bookings and digital marketing services. STAAH works with more than 5000 partner properties in more than 70 countries through its operations in New Zealand, India, Malaysia, Philippines, Thailand, Indonesia and UK.