Local authorities improving delivery of local services with ICON

ICON e-payment managed service now fully accredited to PCI DSS Level 1

Civica today announces that its ICON ePayment managed service is now fully accredited to the PCI DSS (Payment Card Industry Data Security Standard) Level 1 standard, giving local authorities the opportunity to further improve the way they deliver local services with secure payment platforms. 

ICON provides local authorities with the ability to manage payments from all sources across all departments 24 hours a day, 7 days a week. Modular internet, intranet, phone and kiosk payment channels help authorities reduce administration and labour intensive processes, cutting costs and making it possible to reallocate staff to front office services. The upgraded hosted service is available to all 180 Civica customers using the ICON payment system and will ensure all payment transactions processed via ICON adhere to strict security standards demanded by PCI DSS.

David Roots, Managing Director, Civica UK says: “As Britain’s local authorities put a greater range of services online or electronically, they could put themselves at risk of fraud by failing to manage credit and debit cards transactions with the same level of security as cash. PCI DSS accredited systems will enable councils to offer significantly enhanced payment account data security to residents, in addition to reducing administration costs. It also allows council financial departments to become service hubs, streamlining transactions and administration across a range of different departmental services.”

To ensure continued confidence, Civica is also in the process of gaining PA DSS accreditation for its ICON e-payment product family to boost data privacy and continue the development of Secure and Complaint Software applications. The PA DSS accreditation indicates that secure payment applications do not store prohibited data.

Independent data security and payment card industry compliance specialist Trustwave (www.trustwave.com) has worked with Civica throughout both projects, conducting compliance audits as well as independent penetrating testing to ensure both projects adhere to strict industry standards.

PCI DSS, administered by the Payment Card Industry Security Standards Council, is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. Providers must gain accreditation for systems in which credit card details are held, processed or transmitted.

About the PCI Data Security Standard

The PCI DSS, a set of comprehensive requirements for enhancing payment account data security, was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. International, to help facilitate the broad adoption of consistent data security measures on a global basis.

The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data.