Certificate No. 512214122758024

Certificate Number: 512214122758024
Certificate Holder: PT Sprint Asia Technology

Jl. Raya RS Fatmawati No. 7
DKI Jakarta 12140
Indonesia
Scope:

Provisioning of credit card payment service for authorization using web application

Description:

The Payment Card Industry Security Standards Council (PCI SSC) accredited certification body - PT TUV Rheinland Indonesia confirms that certificate holder’s scope defined above is compliant with Payment Card Industry Data Security Standard Version 3.2.

Certificate Type: Payment Card Industry Data Security Standard

Payment Card Industry Data Security Standard (PCI DSS) provides an actionable framework for developing a robust payment card data security process -- including prevention, detection and appropriate reaction to security incidents. The PCI DSS requirements are summarized below:

1. Build and maintain a Secure Network • Firewall Management • Vendor Default Controls

2. Protect Cardholder Data • Data Protection • Data Transmission Encryption

3. Maintain Vulnerability Management Program • Anti-virus Control • System & Application Security

4. Implement Strong Access Control Measures • Data Access Control • Personal Access Control • Physical Access Control

5. Regularly Monitor and Test Networks • Data & Network Access Controls • Security testing

6. Maintain Information Security Policy • Information Security Policy Compliance