Affinion Achieves Highest Security Standards For Online Billing, Information Security Management
Global Marketer Attains World-Class PCI DSS and ISO Credentials
This achievement adds to the company’s growing list of prestigious security certifications, including the ISO 27001 for Information Security Management and Cybertrust Enterprise Certification. Affinion’s Cybertrust and ISO designations make it one of only 85 companies in
The PCI DSS certification is the highest security standard and recognizes that the company provides its customers with the most stringent security standards in the credit card industry. Affinion, which has been PCI compliant since that measurement’s inception in 2004, now also joins a select group of companies with the Level 1 PCI DSS compliance.
“Achieving the highest level of PCI DSS certification reinforces Affinion’s longstanding commitment to leadership in information protection as we continuously seek to raise the bar for these practices in our industry,” said
PCI DSS certification signifies that a company has implemented an information security management system that meets the most stringent security standards.
“Receiving this certification signals to the world that we proactively make information security a top business and management priority,” said Scott vonFischer, chief information security officer for Affinion. “By adopting the highest security standards in the industry we are leading the way as a world-class data security company for our clients, customers and partners.”
The PCI DSS certification is an ongoing process, and Affinion will continually strive to meet the rigorous standards as the industry evolves in the future. PCI DSS compliance and other security measures will protect Affinion clients and customers against lost transactions and financial penalties generated from credit card fraud, ID theft, breaches, Internet viruses and more.
PCI DSS is defined as:
- A set of comprehensive requirements for enhancing payment account data security, which were developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard and Visa, to help facilitate the broad adoption of consistent data security measures on a global basis.(1)
- A multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data.
- Governed by the PCI Security Standards Council, composed of representatives from the founding payment brands.
Key attributes of the PCI DSS include:
- Building and maintaining a vulnerability management program that incorporates and updates next generation anti-virus software, secure systems and applications.
- Implementing strong access control measures such as restricting access to cardholder data, assigning a unique encrypted ID to each employee with computer access and restricting physical access to cardholder data.
- Monitoring and testing of all networks, security systems and processes.
- Maintaining a strict information security policy for employees, vendors and contractors.
As Affinion continues to position itself on the leading-edge of information security in the direct marketing industry, the company has established a solid foundation to build best practices in data protection in 2009 and beyond. A key priority in maintaining the highest standards of privacy is to work closely with current and future partners to insure that all information — either supplied or created through product development — is treated with the utmost confidentiality, integrity and protection. As part of this commitment, Affinion will leverage its comprehensive risk management strategies in the design, implementation and maintenance of an advanced information security management system.
Affinion is also dedicated to complying with all regulatory, voluntary and corporate standards, while establishing consistent policies that support its industry-leading information security position around the globe.
About Affinion Group
As a global leader with nearly 35 years of experience, Affinion Group (www.affinion.com) enhances the value of its partners’ customer relationships by developing and marketing valuable loyalty, membership, checking account, insurance and other compelling products and services. Leveraging its expertise in product development and targeted marketing, Affinion provides comprehensive customer engagement and loyalty solutions that enhance or extend the relationship of millions of customers with many of the largest and most respected companies in the world, while helping to generate significant incremental revenue for more than 5,500 affinity partners worldwide, including many of the largest and most respected companies in financial services, retail, travel, and Internet commerce. Based in
(1) http://www.pcisecuritystandards.org/
SOURCE Affinion Group