Regarding Cardholder Information. While SHIFT4 has informed Merchant’s Third-Party Software providers of the need to conform to PCI DSS, Visa’s Cardholder Information Security Program (CISP), MasterCard’s Site Data Protection (SDP), American Express’ Data Security Operating Policies (DSOP), to encrypt and tokenize the credit card numbers and expiration dates and to not maintain, any longer than is necessary for the authorization event, the card swipe data or the CVV2 [Visa], CVC2 [MasterCard], or CID [American Express and Novus/Discover] in their databases, Merchant should remind its Third-Party Software providers of the need to conform with these programs and the minimum security necessary to protect Merchant’s Cardholder Information.
Appears in 3 contracts
Samples: Gateway Services Agreement, Gateway Services Agreement, Gateway Services Agreement
Regarding Cardholder Information. While SHIFT4 has informed Merchant’s Third-Party Software providers of the need to conform to PCI DSS, Visa’s Cardholder Information Security Program (CISP), MasterCard’s Site Data Protection (SDP), American Amer- ican Express’ Data Security Operating Policies (DSOP), to encrypt and tokenize the credit card numbers and expiration dates and to not maintain, any longer than is necessary for the authorization event, the card swipe data or the CVV2 [Visa], CVC2 [MasterCard], or CID [American Express and Novus/Discover] in their databases, Merchant should remind its Third-Party Software providers of the need to conform with these programs and the minimum security necessary to protect Merchant’s Cardholder Information.
Appears in 1 contract
Samples: Gateway Services Agreement
Regarding Cardholder Information. While SHIFT4 has informed Merchant’s Third-Party Software providers of the need to conform con- form to PCI DSS, Visa’s Cardholder Information Security Program (CISP), MasterCard’s Site Data Protection (SDP), American ExpressEx- press’ Data Security Operating Policies (DSOP), to encrypt and tokenize the credit card numbers and expiration dates and to not maintain, any longer than is necessary for the authorization event, the card swipe data or the CVV2 [Visa], CVC2 [MasterCard], or CID [American Express and Novus/Discover] in their databases, Merchant should remind its Third-Party Software providers of the need to conform with these programs and the minimum security necessary to protect Merchant’s Cardholder Information.
Appears in 1 contract
Samples: Gateway Services Agreement
Regarding Cardholder Information. While SHIFT4 has informed Merchant’s Third-Party Software providers of the need to conform to PCI DSS, Visa’s Cardholder Information Security Program (CISP), MasterCard’s Site Data Protection (SDP), American Express’ Data Security Operating Policies (DSOP), to encrypt and tokenize the credit card numbers and expiration dates and to not maintain, any longer than is necessary for the authorization event, the card swipe data or the CVV2 [Visa], CVC2 [MasterCard], or CID [American Express and Novus/Discover] in their databases, Merchant should remind its Third-Party Software providers of the need to conform conform with these programs and the minimum security necessary to protect Merchant’s Cardholder Information.
Appears in 1 contract
Samples: Service Agreement
