Tarlanpayments
Eng
Eng
  • Acquiring
    • General information
      • Structure of payment processing
      • Kinds of operations
      • 3D-Secure
      • PCI DSS
    • Types of transactions
    • Structure of system responses
    • Error code
    • Transaction statuses
    • Signature Creation
    • Additional parameters
    • Interaction with the payment method
      • Initiating funds receipts
      • Initiating pay out
      • Card link
      • Initiating funds using Apple Pay
      • Initiating funds using Google Pay
      • Iframe
    • Payments without form of payment
      • One click
    • Smart Pay
      • Google pay
    • Supplementary methods
      • Removal of a linked user card
      • Verification of transaction status
      • Receiving a list of cards
      • Refund
      • Upper fee calculation
    • Webhook of the payment system
      • Payment Status
      • Payment ready to be made
    • Tilda Publishing
    • Edit summary
  • AGWS
    • Account Status Codes Guide
    • Error Codes
    • Reason for operation rejection
    • Transaction Lifetime
    • Transaction Status Guide
    • Creating a Signature
    • Check account status
    • Make a payment
    • Checking the refill status
    • Checking the remaining balance on the account
    • Confirmation of funds debit
    • Creating a payment link
    • Showcase Flow
    • Service Provider Flow
    • Payment System Callback
    • Payment Processing Scheme
  • Receiving a fiscal receipt
  • Calculation of the upper commission
Powered by GitBook
On this page
  1. Acquiring
  2. General information

PCI DSS

PCI DSS - an information security standard approved in Visa and Mastercard payment card industry. All companies that accept cards for payment must comply with such requirements. Some companies need to confirm their compliance.

Safety compliance

The underlying principle to which such standard is focused is the endeavor to limit access to the data related to the payment cards as much as possible.

It is acknowledged that the best solution is to avoid processing such data ever and to address to the certified providers for pay in as an alternative. Normally, this means that we should not request and should not transfer card numbers. In case if a customer attempts to provide a card number, for example during a call on a payment problem, it is our job to immediately interrupt this attempt and explain why we cannot accept such data.

If data is received via email or messengers, we must delete it and warn the sender of the risks of transmitting card data.

By sensitive data we mean:

  • Full card number

  • CVV2/CVC2 code (three digits located on the back side of the card).

  • The names of cardholders

  • Expire Time

Concealed card numbers (first 6 and last 4 digits) do not require the same stringent protection as required by the standard and may be used reasonably.

Tarlan Payments passes such certification annually and satisfies all PCI DSS requirements