Payment Card Industry Data Security Standard (PCI DSS)

TNS is a Level 1 PCI DSS certified service provider. With a comprehensive risk management and compliance framework in place, TNS has consistently maintained this certification across all its in-scope environments globally for over 10 years.

TNS’ Attestations of Compliance (AoCs) are available upon request through the Account Manager or by sending an email to pci-dss@tnsi.com. TNS’ certifications are also listed on the relevant Visa and Mastercard websites as “Transaction Network Services (TNS)”.

The key aspects of PCI DSS are:

Build and maintain a secure network and systems

• Install and maintain a firewall configuration to protect cardholder data.
• Do not use vendor-supplied defaults for system passwords and other security parameters.

Protect cardholder data

• Protect stored cardholder data.
• Encrypt transmission of cardholder data across open, public networks.

Maintain a vulnerability management program

• Protect all systems against malware and regularly update anti-virus software or programs.
• Develop and maintain secure systems and applications.

Implement strong access control measures

• Restrict access to cardholder data by business need-to-know.
• Identify and authenticate access to system components.
• Restrict physical access to cardholder data.

Regularly monitor and test networks

• Track and monitor all access to network resources and cardholder data.
• Regularly test security systems and processes.

Maintain an information security policy

• Maintain a policy that addresses information security for all personnel.

To learn more about PCI DSS, please visit http://www.pcisecuritystandards.org/