Amgraf Logo BannerGo to the Amgraf Home Page
 

Click to Display the Amgraf PCI Certificate
 
Payment Card Industry Data Security Standard

There are many legitimate concerns when it comes to safe shopping on the Internet and any time you give your credit card information you want to be assured that it is safe from getting into criminal hands. Amgraf, Inc. takes its customers safety seriously and has taken measures to ensure that purchases made from websites managed by Amgraf are secure. At Amgraf your personal and billing information is kept safe by encryption and firewall technology.
 

 
 

PCI Compliance

Amgraf meets the standard requirements of the Payment Card Industry Data Security Standard (PCI DSS) for safe online shopping. These requirements are meant to guarantee that secure environments are being maintained by any company that is processing, storing or transmitting credit card information. Amgraf is tested and certified as credit card safe on a quarterly basis by Security Metrics.

The Payment Card Industry Data Security Standard (PCI DSS) is a worldwide information security standard defined by the Payment Card Industry Security Standards Council. The standard was created to help payment card industry organizations that process card payments prevent credit card fraud through increased controls around data and its exposure to compromise. The standard applies to all organizations that hold, process, or exchange cardholder information from any card branded with the logo of one of the card brands.

Validation of compliance can be performed either internally or externally, depending on the volume of card transactions the organization is handling, but regardless of the size of the organization, compliance must be assessed annually. Organizations handling large volumes of transactions must have their compliance assessed by an independent assessor known as a Qualified Security Assessor (QSA), while companies handling smaller volumes have the option of demonstrating compliance via a Self-Assessment Questionnaire (SAQ).

Enforcement of compliance is done by the bodies holding relationships with the in-scope organizations. Thus, for organizations processing Visa or MasterCard transactions, compliance is enforced by the organization's acquirer, while organizations handling American Express transactions will deal directly with American Express for the purposes of compliance. In the case of third party suppliers such as hosting companies who have business relationships with in-scope organizations, enforcement of compliance falls to the in-scope company, as neither the acquirers nor the card brands will have appropriate contractual relationships in place to mandate compliance. Non-compliant companies who maintain a relationship with one or more of the card brands, either directly or through an acquirer, risk losing their ability to process credit card payments and being audited and/or fined.

 

Secure Sockets Layer (SSL) Server Data Encryption

Amgraf ensures safe Internet shopping by employing Netscape's technology called SSL or Secured Sockets Layer. SSL works by encrypting your order information so that it is not easily read by unauthorized persons.

What is an SSL Certificate?

At its most basic, an SSL Certificate is a piece of software that encrypts all information moving to and from the Certificate holderís website. This means no exchange between the website and its visitors can be intentionally or accidentally ďoverheardĒ by a third party, regardless of whether the visitor is placing an order or just signing up for a newsletter.

Once a website visitor enters a secure area of an SSL-protected website, the following takes place:

  • The visitorís browser requests a secure session from the server on which the website is stored.
  • The server responds by sending the visitorís browser a digital copy of its server certificate.
  • The visitorís browser verifies that the serverís certificate is valid, is being used by the website for which it was issued, and has been issued by a Certificate Authority that the browser trusts.
  • If the certificate is validated, the browser generates a one-time ďsessionĒ key and encrypts it with the serverís public key.
  • The visitorís browser sends the encrypted session key to the server so that both server and browser have a copy.
  • The server decrypts the session key using its private key.
  • The SSL “handshake” process is complete, and a secure connection has been established.
  • A padlock icon and “https://” prefix appear in the visitorís browser bar, indicating that a secure session is under way.
  • Called the SSL “handshake,” this entire process takes place behind the scenes, providing an uninterrupted experience for the site visitor.
 
 

Amgraf Sales • (800) 304-4797 • Toll Free
 

 

Forms Software Technology for Print Manufacturing, Industry and Government

     
 

Online Demos
 
Electronic Forms
International E-Forms
Web-to-Print
Data Capture
WebEx Conference

Forms Design
 
Drawing Features
Variable Imaging
Database Composition
Flexographic Labels

Secure Documents
 
Graphical Features
Layered Documents
LogoDot/NaNOcopy

Product Literature
 
Demo Videos
Education/Training
Associations
Privacy Policy
Price List

We Protect Your Credit Card Information

Amgraf is Payment Card Industry Compliant