PCI Requirements Sample Clauses

The PCI Requirements clause mandates that parties handling payment card data must comply with the Payment Card Industry Data Security Standard (PCI DSS). This typically involves implementing security measures such as encrypting cardholder data, maintaining secure networks, and undergoing regular compliance assessments. The core function of this clause is to ensure that sensitive payment information is protected and to reduce the risk of data breaches, thereby safeguarding both consumers and businesses from financial and reputational harm.
POPULAR SAMPLE Copied 4 times
PCI Requirements. If Receiving Party has access to, stores, or processes the Disclosing Party’s customers’ cardholder information, Receiving Party hereby confirms that it has on file a current Report on Compliance, evidencing that it is in compliance with the payment card industry (“PCI”) data security standard (“DSS”). Receiving Party shall provide Disclosing Party with a copy of the PCI DSS Attestation of Compliance Letter upon request. In addition to the foregoing, to the extent applicable to the Services being provided to Disclosing Party hereunder, Receiving Party will comply with and adhere to the PCI DSS in effect from time to time. Each party shall be responsible for the implementation, testing, and compliance with respect to PCI data security controls within their respective PCI DSS boundaries. These requirements are applicable to all infrastructure and systems processing or storing any cardholder information as defined by the PCI DSS. Any change in Receiving Party’s PCI compliance and/or certification status shall be promptly communicated to Disclosing Party.
View SourceView Similar (3)
PCI Requirements. Contractors providing services and products that collect, transmit or store cardholder data, are subject to the following requirements: a. Applications shall be compliant with the Payment Application Data Security Standard (PA-DSS) and validated by a Payment Application Qualified Security Assessor (PA- QSA). A Contractor whose application has achieved PA-DSS certification must then be listed on the PCI Council’s list of PA-DSS approved and validated payment applications. b. Gateway providers shall have appropriate Payment Card Industry Data Security Standards (PCI DSS) certification as service providers (▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇.▇▇▇/▇▇▇▇▇.▇▇▇▇▇). Compliance with the PCI DSS shall be achieved through a third party audit process. The Contractor shall comply with Visa Cardholder Information Security Program (CISP) and MasterCard Site Data Protection (SDP) programs. c. For any Contractor that processes PIN Debit Cards, payment card devices supplied by Contractor shall be validated against the PCI Council PIN Transaction Security (PTS) program. d. For items 63(a) to 63(c) above, Contractor shall provide a letter from its qualified security assessor (QSA) affirming its compliance and current PCI or PTS compliance certificate. e. Contractor shall be responsible for furnishing City with an updated PCI compliance certificate 30 days prior to its expiration.
View SourceView Similar (2)
PCI Requirements. Contractors providing services and products that handle, transmit or store cardholder data, are subject to the following requirements: a. Applications shall be compliant with the Payment Application Data Security Standard (PA-DSS) and validated by a Payment Application Qualified Security Assessor (PA- QSA). A Contractor whose application has achieved PA-DSS certification must then be listed on the PCI Councils list of PA-DSS approved and validated payment applications. b. Gateway providers shall have appropriate Payment Card Industry Data Security Standards (PCI DSS) certification as service providers (▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇.▇▇▇/▇▇▇▇▇.▇▇▇▇▇), including the PCI DSS Cloud Computing Guidelines. Compliance with the PCI DSS shall be achieved through a third party audit process. The Contractor shall comply with Visa Cardholder Information Security Program (CISP) and MasterCard Site Data Protection (SDP) programs. c. For any Contractor that processes PIN Debit Cards, payment card devices supplied by Contractor shall be validated against the PCI Council Pin Transaction Security (PTS) program. d. For items 56(a) to 56(c) above, Contractor shall provide a letter from their qualified security assessor (QSA) affirming their compliance and current PCI or PTS compliance certificate. e. Contractor shall be responsible for furnishing City with an updated PCI compliance certificate 30 days prior to its expiration. f. Bank Accounts. Collections that represent funds belonging to the City and County of San Francisco shall be deposited, without detour to a third party’s bank account, into a City and County of San Francisco bank account designated by the Office of the Treasurer and Tax Collector.
View Source
PCI Requirements a. Applications shall be compliant with the Payment Application Data Security Standard (PA-DSS) and validated by a Payment Application Qualified Security Assessor (PA-QSA). A Contractor whose application has achieved PA-DSS certification must then be listed on the PCI Council’s list of PA-DSS approved and validated payment applications. b. Gateway providers shall have appropriate Payment Card Industry Data Security Standards (PCI DSS) certification as service providers (▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇.▇▇▇/index.shtml). Compliance with the PCI DSS shall be achieved through a third party audit process. The Contractor shall comply with Visa Cardholder Information Security Program (CISP) and MasterCard Site Data Protection (SDP) programs. c. For any Contractor that processes PIN Debit Cards, payment card devices supplied by Contractor shall be validated against the PCI Council PIN Transaction Security (PTS) program. d. For items 62(a) to 62(c) above, Contractor shall provide a letter from its qualified security assessor (QSA) affirming its compliance and current PCI or PTS compliance certificate. e. Contractor shall be responsible for furnishing City with an updated PCI compliance certificate 30 days prior to its expiration. f. Bank Accounts. Collections that represent funds belonging to the City and County of San Francisco shall be deposited, without detour to a third party’s bank account, into a City and County of San Francisco bank account designated by the Office of the Treasurer and Tax Collector.
View Source
PCI Requirements. Contractors providing services and products that collect, transmit or store cardholder data, are subject to the following requirements:
View Source
PCI Requirements. In addition to the obligations set forth above, and notwithstanding anything in this Agreement to the contrary, TSYS and COMPANY each will comply with and adhere to the payment card industry (“PCI”) data security standard (“DSS”) in effect from time to time, shall implement and maintain appropriate measures to comply with PCI DSS and, to extent required by applicable issuers or payment networks contracting with a party, such party shall require its vendors and suppliers to comply with PCI DSS and as well as PA-DSS. In the event a PCI representative or PCI authorized third-party seeks to conduct a security audit or review of TSYS or COMPANY at any time, including, without limitation, after an alleged or actual security intrusion, for the purpose of validating TSYS’ or COMPANY’s status, effectiveness or compliance with the PCI DSS, the audited party will fully cooperate with such audit or review. Each party shall immediately notify the other party in the event it has suffered a data breach or other system intrusion.
View Source

Related to PCI Requirements

  • System Requirements Apple Software is supported only on Apple-branded hardware that meets specified system requirements as indicated by Apple.

  • Basic Requirements To be eligible for PayPal’s Seller Protection program, all of the following basic requirements must be met, as well as any applicable additional requirements: • The primary address for your PayPal account must be in the United States. • The item must be a physical, tangible good that can be shipped, except for items subject to the Intangible Goods Additional Requirements. Transactions involving items that you deliver in person in connection with payment made in your physical store, may also be eligible for PayPal’s Seller Protection program so long as the buyer paid for the transaction in person by using a PayPal goods and services QR code. • You must ship the item to the shipping address on the Transaction Details page in your PayPal account for the transaction. If you originally ship the item to the recipient’s shipping address on the Transaction Details page but the item is later redirected to a different address, you will not be eligible for PayPal’s Seller Protection program. We therefore recommend not using a shipping service that is arranged by the buyer, so that you will be able to provide valid proof of shipping and delivery. • The shipping requirement does not apply to eligible transactions involving items that you deliver in person; provided, however, that you agree to provide us with alternative evidence of delivery or such additional documentation or information relating to the transaction that we may request. • You must respond to PayPal’s requests for documentation and other information in a timely manner as requested in our email correspondence with you or in our correspondence with you through the Resolution Center. If you do not respond to PayPal’s request for documentation and other information in the time requested, you may not be eligible for PayPal’s Seller Protection program. • If the sale involves pre-ordered or made-to-order goods, you must ship within the timeframe you specified in the listing. Otherwise, it is recommended that you ship all items within 7 days after receipt of payment. • You provide us with valid proof of shipment or delivery. • The payment must be marked “eligible” or “partially eligible” in the case of Unauthorized Transaction claims, or “eligible” in the case of Item Not Received claims, for PayPal’s Seller Protection program on the Transaction Details page. • In the case of an Unauthorized Transaction claim, you must provide valid proof of shipment or proof of delivery that demonstrates that the item was shipped or provided to the buyer no later than two days after PayPal notified you of the dispute or reversal. For example, if PayPal notifies you of an Unauthorized Transaction claim on September 1, the valid proof of shipment must indicate that the item was shipped to the buyer no later than September 3 to be eligible for PayPal’s Seller Protection program. PayPal determines, in its sole discretion, whether your claim is eligible for PayPal’s Seller Protection program. PayPal will make a decision, in its sole discretion, based on the eligibility requirements, any information or documentation provided during the resolution process, or any other information PayPal deems relevant and appropriate under the circumstances. To be eligible for PayPal’s Seller Protection program for a buyer’s Item Not Received claim, you must meet both the basic requirements and the additional requirements listed below: • Where a buyer files a chargeback with the issuer for a card-funded transaction, the payment must be marked “eligible” for PayPal’s Seller Protection on the Transaction Details page. • You must provide proof of delivery as described below.

  • DBE Requirements A. Notice is hereby given to the CONSULTANT and any SUB-CONSULTANT, and both agree, that failure to carry out the requirements set forth in 49 CFR Sec. 26.13(b) shall constitute a breach of this Contract and, after notification and failure to promptly cure such breach, may result in termination of this Contract or such remedy as INDOT deems appropriate. The referenced section requires the following assurance to be included in all subsequent contracts between the CONSULTANT and any SUB-CONSULTANT: The CONSULTANT, sub recipient or SUB-CONSULTANT shall not discriminate on the basis of race, color, national origin, or sex in the performance of this Contract. The CONSULTANT shall carry out applicable requirements of 49 CFR Part 26 in the award and administration of DOT-assisted contracts. Failure by the CONSULTANT to carry out these requirements is a material breach of this Contract, which may result in the termination of this Contract or such other remedy, as INDOT, as the recipient, deems appropriate. B. The CONSULTANT shall make good faith efforts to achieve the DBE percentage goal that may be included as part of this Contract with the approved DBE SUB-CONSULTANTS identified on its Affirmative Action Certification submitted with its Letter of Interest, or with approved amendments. Any changes to a DBE firm listed in the Affirmative Action Certification must be requested in writing and receive prior approval by the LPA and INDOT’s Economic Opportunity Division Director. After this Contract is completed and if a DBE SUB- CONSULTANT has performed services thereon, the CONSULTANT must complete, and return, a Disadvantaged Business Enterprise Utilization Affidavit (“DBE-3 Form”) to INDOT’s Economic Opportunity Division Director. The DBE-3 Form requires certification by the CONSULTANT AND DBE SUB-CONSULTANT that the committed contract amounts have been paid and received.

  • Time Requirements The Independent Contractor will not be required to follow or establish a regular or daily work schedule, but shall devote during the term of this Agreement the time, energy and skill as necessary to perform the services of this engagement and shall, periodically or at any time upon the request of the Company, submit information as to the amount of time worked and scope of work performed.

  • Local Law Requirements Spain. With respect to Customers domiciled in Spain, in the event of any conflict between any statutory law in Spain applicable to Customer, and the terms and conditions of this Agreement, the applicable statutory law shall prevail.