Credit Card Online Security
Spotlighters Theatre processes all credit card transactions through the ARTS PEOPLE online system, using Authorize.net and PNC Business as the credit card processing agent. No credit card information is stored following the completion of a ticket or retail transaction. Only recurring donation transactions retain credit information. This is maintained on a secure database server.
ARTS PEOPLE is 100% PCI compliant to credit card processing and storage regulations.
Self-assessments and vulnerability scans are run every 90 days per PCI compliance standards:
Network devices certified as HACKER SAFE are tested daily and certified to pass all external vulnerability audit recommendations of the Department of Homeland Security's National Infrastructure Protection Center (NIPC) and the requirements of the Payment Card Industry Data Security Standard (PCI-DSS). HACKER SAFE certification also meets the requirements for network vulnerability audits of the CHILDREN'S ONLINE PRIVACY PROTECTION ACT OF 1998, the HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA), the GRAMM-LEACH-BAILEY ACT (GLBA) protecting financial information, and the SARBANES-OXLEY ACT (SOX).
PCI COMPLIANCE - Signifies device is compliant with the remote vulnerability audit requirements of the Payment Card Industry Data Security Standard (PCI-DSS), Visa USA's Cardholder Information Security Program (CISP), Visa International's Account Information Security (AIS) program, MasterCard International's Site Data Protection (SDP) program, the American Express Data Security Standards (DSS), and Discover Card's DISC program.
ARTS PEOPLE systems are scanned by vendor McAfee, under certificate number 3709-01-01 in the framework of the PCI data security initiative and took into consideration security requirements as expressed in the MasterCard SDP Security Standard.
As a Qualified Independent Scan Vendor, McAfee is accredited by Visa, MasterCard, American Express, Discover Card and JCB to perform network security audits conforming to the Payment Card Industry (PCI) Data Security Standards.
To earn validation of PCI compliance, network devices being audited must pass tests that probe all of the known methods hackers use to access private information, in addition to vulnerabilities that would allow malicious software (i.e. viruses and worms) to gain access to or disrupt the network devices being tested.
Sites are tested and certified daily to meet all U.S. Government requirements for remote vulnerability testing as set forth by the National Infrastructure Protection Center (NIPC). They are also certified to meet the security scanning requirements of Visa USA's Cardholder Information Security Program (CISP), Visa International's Account Information Security (AIS) program, MasterCard Internationals's Site Data Protection (SDP) program, American Express' CID security program, the Discover Card Information Security and Compliance (DISC) program within the framework of the Payment Card Industry (PCI) Data Security Standard.
ARTS PEOPLE is 100% PCI compliant to credit card processing and storage regulations.
Self-assessments and vulnerability scans are run every 90 days per PCI compliance standards:
Network devices certified as HACKER SAFE are tested daily and certified to pass all external vulnerability audit recommendations of the Department of Homeland Security's National Infrastructure Protection Center (NIPC) and the requirements of the Payment Card Industry Data Security Standard (PCI-DSS). HACKER SAFE certification also meets the requirements for network vulnerability audits of the CHILDREN'S ONLINE PRIVACY PROTECTION ACT OF 1998, the HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA), the GRAMM-LEACH-BAILEY ACT (GLBA) protecting financial information, and the SARBANES-OXLEY ACT (SOX).
PCI COMPLIANCE - Signifies device is compliant with the remote vulnerability audit requirements of the Payment Card Industry Data Security Standard (PCI-DSS), Visa USA's Cardholder Information Security Program (CISP), Visa International's Account Information Security (AIS) program, MasterCard International's Site Data Protection (SDP) program, the American Express Data Security Standards (DSS), and Discover Card's DISC program.
ARTS PEOPLE systems are scanned by vendor McAfee, under certificate number 3709-01-01 in the framework of the PCI data security initiative and took into consideration security requirements as expressed in the MasterCard SDP Security Standard.
As a Qualified Independent Scan Vendor, McAfee is accredited by Visa, MasterCard, American Express, Discover Card and JCB to perform network security audits conforming to the Payment Card Industry (PCI) Data Security Standards.
To earn validation of PCI compliance, network devices being audited must pass tests that probe all of the known methods hackers use to access private information, in addition to vulnerabilities that would allow malicious software (i.e. viruses and worms) to gain access to or disrupt the network devices being tested.
Sites are tested and certified daily to meet all U.S. Government requirements for remote vulnerability testing as set forth by the National Infrastructure Protection Center (NIPC). They are also certified to meet the security scanning requirements of Visa USA's Cardholder Information Security Program (CISP), Visa International's Account Information Security (AIS) program, MasterCard Internationals's Site Data Protection (SDP) program, American Express' CID security program, the Discover Card Information Security and Compliance (DISC) program within the framework of the Payment Card Industry (PCI) Data Security Standard.
