With media reports of hacker incidences, stolen credit card numbers, and identity theft, consumers are understandably concerned about information security. We want absolute assurance from businesses that our credit card numbers and other personal information is secure.
Payment Card Industry’s Data Security Standard (PCI DSS) defines the standard for securing cardholder data, wherever it is located. Compliance is required of all entities storing, processing, or transmitting cardholder data. But PCI compliance isn't just about satisfying a list of guidelines - it's a way to protect a business and its customers' data from outside attacks.
Apigee has had customers across indistries including healthcare, retail, travel and entertainment running in our PCI compliant cloud since 2011. We recently successfully completed an annual audit and PCI recertification verifying that we continue to meet the Credit Card industry requirements for information security. What does this mean for our customers?
With Apigee, businesses can continue to easily tap the vast, affordable compute resources of “the cloud” to support their transactional API traffic with the confidence that all sensitive customer data remains protected. In addition to helping build and support scalable, secure PCI-compliant APIs Apigee helps with the processes and the security measures to protect cardholder information:
Apigee provides a hosted solution that enables PCI compliance
Apigee technology contributes to defense in depth, protects backend systems, and strengthens network security
The Apigee platform provides a central location for logging, policies, and security, which helps with auditing and attestations
The platform can perform data masking to log transactions without storing any sensitive information