PCI Compliance. Company shall not connect to or utilize any computer network or systems of the Aviation Authority, including, without limitation, for transmission of credit card payments. Company shall be solely responsible for providing and maintaining its own computer networks and systems and shall ensure its system ensure its system used to collect, process, store or transmit credit card or customer credit card and/or personal information is compliant with all applicable Payment Card Industry (“PCI”) Data Security Standard (“DSS”).
1. Company shall, within 5 days, notify the Aviation Authority of any security malfunction or breach, intrusion or unauthorized access to cardholder or other customer data, and shall comply with all then applicable PCI requirements.
2. Company, in addition to notifying the Aviation Authority and satisfying the PCI requirements, will immediately take the remedial actions available under the circumstances and provide the Aviation Authority with an explanation of the cause of the breach or intrusion and the proposed remediation plan. Company will notify the Aviation Authority promptly if it learns that it is no longer PCI DSS compliant and will immediately provide the Aviation Authority with a report on steps being taken to remediate the non-compliance status and provide evidence of compliance once PCI DSS compliance is achieved.
3. Company, its successor’s and assigns, will continue to comply with all provisions of this Agreement relating to accidents, incidents, damages and remedial requirements after the termination of this Agreement.
4. Company shall ensure strict compliance with PCI DSS for each credit card transaction and acknowledges responsibility for the security of cardholder data. Company will create and maintain reasonable detailed, complete and accurate documentation describing the systems, processes, network segments, security controls and dataflow used to receive, process transmit store and secure Customer’s cardholder data. Such documentation shall conform to the most current version of PCI DSS.
5. Company must maintain PCI Certification as a bankcard merchant at the Airport. Company is responsible, at Company’s own expense, to contract and pay for all quarterly, annual or other required assessments, remediation activities related to processes within Concessionaire’s control, analysis or certification processes necessary to maintain PCI certification as a bankcard merchant.
6. PCI DSS - Company shall make available on the Premis...
PCI Compliance. A. The Acquiring Bank will provide The Merchant with appropriate training on PCI PED and/or DSS rules and regulations in respect of The Merchants obligations. Initial training will be provided and at appropriate intervals as and when relevant changes are made to such rules and regulations.
B. The Acquiring Bank will ensure that The Merchant is kept informed of any relevant new, or changes to, PCI PED and/or DSS compliance rules and regulations.
C. The Merchant will comply with PCI PED and/or DSS, and resulting obligations, in respect of establishing, and maintaining, the required security controls.
D. The Merchant will ensure that all its appropriate staff (existing and new) are knowledgeable in their responsibilities with respect to PCI PED and/or DSS compliance.
E. The Merchant must be able to demonstrate compliance with PCI PED and/or DSS and maintain measures necessary to successfully pass regular compliance certification checks.
F. The Merchant will notify The Acquiring Bank immediately should it become evident that data security standards have been compromised. The Merchant will also provide all assistance necessary to assist The Acquiring Bank and its agents to investigate and obtain any required evidence of a security breach.
G. The Merchant hereby agrees and undertakes to fully indemnify The Acquiring Bank from and against all actions, claims, losses, charges, costs and damages which The Acquiring Bank may suffer or incur as a result of The Merchants failure to comply with PCI PED and/or DSS.
H. Further to the conditions set out in Section 34 below, The Acquiring Bank reserves the right to terminate this agreement with The Merchant if The Merchant:
i. Refuses to accept, or commence, any remedial action(s) required under its obligation to PCI PED and/or DSS.
ii. Fails to maintain its PCI PED and/or DSS obligations and/or consistently fails compliance certification checks.
iii. Receives continuing penalties Fraud notifications or alerts of in any case where the Acquiring bank may be asked by the schemes to take action against the Merchant. اهيلع ةقداصملا تمت دق هنأ نم ةيلمع يأ ذيفنت دعب دكأتلا رجاتلا ىلع بجي .10 لمحتب هرارقإ متو ةقاطبلا لماح ةطساوب بولطملا وحنلا ىلعو ةرشابم .ةيلمعلا كلت ذيفنت نع هتيلوؤسم لماك يأ تحت ةيلمع نم رثكأ ىلإ ةيلمعلا ةميق ميسقتب موقي لاأب رجاتلا دهعتي .11 لاير )500( ةميقب نيتيلمع ذفني نأ لاثملا ليبس ىلعف ،قلاطلإا ىلع فرظ ةعباتلا عفدلا ةقاطب سفن مادختساب لاير )1000( يلامجلإا اهغلبم عئاضبل اذه ربتعي ثيحب ؛ىرخأ عفد تاقاطب ةيأ و...
PCI Compliance. Palo Alto Networks is not a payment processor and as such is not subject to compliance with PCI standards. However, Palo Alto Networks acknowledges that credit card information may be provided by End User during the performance or use of Products and therefore Palo Alto Networks shall use information data security controls that are compliant with PCI standards.
PCI Compliance. Payzer does not charge a fee
PCI Compliance. A. The Acquiring Bank will provide The Merchant with appropriate training on PCI PED and/or DSS rules and regulations in respect of The Merchants obligations. Initial training will be provided and at appropriate intervals as and when relevant changes are made to such rules and regulations.
B. The Acquiring Bank will ensure that The Merchant is kept informed of any relevant new, or changes to, PCI PED and/or DSS compliance rules and regulations.
C. The Merchant will comply with PCI PED and/or DSS, and resulting obligations, in respect of establishing, and maintaining, the required security controls.
D. The Merchant will ensure that all its appropriate staff (existing and new) are knowledgeable in their responsibilities with respect to PCI PED and/or DSS compliance.
E. The Merchant must be able to demonstrate compliance with PCI PED and/or DSS and maintain measures necessary to successfully pass regular compliance certification checks.
F. The Merchant will notify The Acquiring Bank immediately should it become evident that data security standards have been compromised. The Merchant will also provide all assistance necessary to assist The Acquiring Bank and its agents to investigate and obtain any required evidence of a security breach.
G. The Merchant hereby agrees and undertakes to fully indemnify The Acquiring Bank from and against all actions, claims, losses, charges, costs and damages which The Acquiring Bank may suffer or incur as a result of The Merchants failure to comply with PCI PED and/or DSS. مقرلاو تاعوفدملل ةيدوعسلا ةكبشلل ةعبات عفد ةقاطبل ليمعلا زاربإ .أ .يرسلا :نيفرطلا لبق نم هب حرصملاو هب حومسملا دحلا ءارشلا ةيلمع زواجتت لاأ .ب .ةقاطبلل ردصملا كنبلاو رجاتلا كنب دكأتي نأ رجاتلا ىلع هنأ لاإ ،ةرشابم ريغ تايلمعب مايقلا ةحاتإ نم مغرلا ىلع .9 ةعباتلا عيبلا طاقن زاهج ليعفت نم دكأتلل ةيرورضلا تاوطخلا عيمج عابتا نم ىتح ةيرورضلا لاصتلاا لئاسو عيمجب ًاينف تاعوفدملل ةيدوعسلا ةكبشلل .رشابملا لاصتلاا تايلمع ءارجإب كلذ معدي اهيلع ةقداصملا تمت دق هنأ نم ةيلمع يأ ذيفنت دعب دكأتلا رجاتلا ىلع بجي .10 لماك لمحتب هرارقإ متو ةقاطبلا لماح ةطساوب بولطملا وحنلا ىلعو ةرشابم .ةيلمعلا كلت ذيفنت نع هتيلوؤسم يأ تحت ةيلمع نم رثكأ ىلإ ةيلمعلا ةميق ميسقتب موقي لاأب رجاتلا دهعتي .11 لاير )500( ةميقب نيتيلمع ذفني نأ لاثملا ليبس ىلعف ،قلاطلإا ىلع فرظ ةعباتلا عفدلا ةقاطب سفن مادختساب لاير )1000( يلامجلإا اهغلبم عئاضبل اذه ربتعي ثيحب ؛ىرخأ عفد تاقاطب ةيأ وأ تاعوفدملل ةيدوعسلا ةكبشلل ءاغلإ و زاهجلا فاقيا ةلاحلا هذه يف كنبلل قحيو ،ًامامت اًروظحم فرصتلا .ةيقافتلاا ةكبشلا ةقاطبب لقأ ...
PCI Compliance. If, in the course of its engagement by University, Contractor has access to or will collect, access, use, store, process, dispose of or disclose credit, debit or other payment cardholder information, Contractor shall at all times remain in compliance with the Payment Card Industry Data Security Standard (“PCI DSS”) and if applicable, Payment Application Data Security Standard (PA DSS) requirements, including remaining aware at all times of changes to these standards and promptly implementing all procedures and practices as may be necessary to remain in compliance with these standards, including promptly notifying the University of its non-compliance, in each case, at Contractor’s sole cost and expense. Both parties are responsible for the security of the cardholder data that is in such party’s control or possession, as mandated by PCI Security Standards Council (PCI SSC) in the performance of their individual and mutual responsibilities under this Agreement.
PCI Compliance. For PCI Compliance, Client has two options for using Paymentus platform:
(i) Paymentus Fully Hosted Solution; or
(ii) Any other configuration To substantially reduce or eliminate any PCI compliance risks and to render all Client systems out of scope from PCI compliance requirements, Client agrees to use Paymentus’ fully hosted service where Paymentus uses its own platform to capture Payments and to manage the entire (end to end) user experience from all channels for Payment acceptance: Web, Mobile, IVR, POS devices (per Paymentus recommended setup), recurring payments, Ebill Presentment (“Paymentus Fully Hosted Solution”). If Client chooses any other integration such as third party web pages integrated with Paymentus APIs, third party gateway pages, or its own IVR systems or POS solution not recommended by Paymentus, or a cashiering module from third party, Client expressly agrees that Client shall not be exempt from PCI requirements and shall be liable for any data breaches occurring on its own systems as Client’s recognizes that Client systems are participating in the transactions and are in scope for PCI compliance. Under such circumstances, Paymentus shall not be responsible for any PCI obligations outside of Paymentus own platform and Paymentus expressly disclaims any PCI or security obligations related to Client systems or any third party systems that participate in the payment transactions that are outside of Paymentus Platform. Paymentus highly recommends that Client uses Paymentus Fully Hosted Solution to substantially reduce its PCI compliance and data breach risks. If Client chooses to use any other option other than Paymentus Fully Hosted Solution, Client agrees and warrants that Client shall remain PCI compliant throughout the term of this Agreement. For clarity, just because Client uses PCI compliant applications such as its billing software, it does not eliminate the need for Client to be PCI compliant. Per PCI requirements, if a party’s systems participate in processing, or accepting or storing card transactions, such party is required to be PCI compliant as the systems are in scope.
PCI Compliance. (Include if applicable) Contractor represents and warrants that for the life of the Contract, the software and services used for processing credit card transactions shall be compliant with standards established by the PCI Security Standards Council (xxxxx://xxx.xxxxxxxxxxxxxxxxxxxx.xxx/index.shtml). Contractor must clearly define the managed PCI DSS requirements and provide a written agreement that the Contractor is responsible for the security of the cardholder data the Contractor possesses or otherwise stores, processes or transmits on behalf of the University. Contractor agrees to indemnify and hold University, its officers, employees, and agents, harmless for, from and against any and all claims, causes of action, suits, judgments, assessments, costs (including reasonable attorneys’ fees) and expenses arising out of or relating to any loss of University customer credit card or identity information managed, retained or maintained by Contractor, including but not limited to fraudulent or unapproved use of such credit card or identity information. Contractor must annually submit the appropriate “Attestation of Compliance” to the University and clearly identify the services and system components that are included in the scope of their assessment.
PCI Compliance. In the event Vendor engages in payment card transactions as a part of the services provided to Comcast, Vendor shall comply with the Payment Card Industry Data Security Standards ("PCI DSS") and any amendments or restatements of the PCI DSS during the term of this Agreement. Vendor accepts responsibility for the security of customer credit card data in its possession, even if all or a portion of the services to Comcast are subcontracted to third parties.
PCI Compliance. 13.1 Supplier shall at all times, for as long as Supplier impacts the security of the University’s cardholder data environment, or stores, processes, handles or transmits cardholder data in any manner or in any format on behalf of the University, comply with all applicable requirements of the current version of the Payment Card Industry Data Security Standard (“PCI DSS”) for cardholder data that is prescribed by the Payment Card Industry Security Standards Council, as it may be amended from time to time. The most current versions of the PCI DSS requirements documentation are available at the PCI Security Standards Council website, xxxxx://xxx.xxxxxxxxxxxxxxxxxxxx.xxx/.
13.2 Supplier must be designated by Visa as a Level 1 Supplier and be listed in Visa’s Global Registry of service providers. Service providers that self-assess their PCI compliance are not eligible to become a PCI Supplier for the University. Supplier shall validate compliance with PCI DSS as required, and shall have provided appropriate documentation to the University before the Agreement is signed and upon request by the University thereafter, at least annually, for as long as services are provided. Validation instructions and documentation are available at the PCI Security Standards Council website, xxxxx://xxx.xxxxxxxxxxxxxxxxxxxx.xxx/. Supplier must notify the University of any failure to comply with the PCI-DSS requirements.
13.3 Supplier acknowledges and agrees that cardholder data may only be used for assisting in completing a card transaction, for fraud control services, for loyalty programs, or as specifically agreed to by the card associations or as required by applicable law. Supplier is solely responsible for the security of cardholder data in its possession, or in the possession of a third-party retained by Supplier. In the event of unauthorized access to cardholder data which occurs during the access, storage, processing, or transmission of cardholder data by the Supplier, or by a third-party retained by Supplier, Supplier shall immediately notify the University, which shall not be more than forty-eight (48) hours after becoming aware of such unauthorized access.
13.4 In the event of unauthorized access to cardholder data which occurs during access, storage, processing, or transmission of cardholder data by the Supplier, or by a third-party retained by Supplier, Supplier will pay all fees, cost escalations, assessments, tariffs, penalties or fines that may be imposed under the...
