Reply
Highlighted
Moderator
Posts: 5
Registered: ‎04-09-2013

FAQ - Is the SAP Authentication 365 solution PCI DSS Compliant?

[ Edited ]

PCI DSS applies to protecting a financial institution’s cardholder data. 

  • Our solution for the generation of tokens does not access nor maintain ANY cardholder data.
  • SAP Authentication 365 PIN generation uses industry standard algorithms to generate PINs (e.g. tokens) that can be transmitted via Push or SMS (or even voice or email).
  • Our servers are highly secured behind firewalls and not readily accessible from the Internet.
  • Tokens expire after a short time and end-users must quickly authenticate. Furthermore tokens will need to be resent to end-users should the end-user get the token wrong after a number of tries.

For more information, refer to:

 

PCI DSS 2.jpg