ACME, a leading provider of ticketing, membership and donation management systems through cloud software, ensures that advanced data security is a key part of its payment platform.
A payment platform is one of the most important technologies that a museum or cultural institution uses. Payments are weaved into everything the venue manages, from ticketing to membership, donations and events. Payments are complex, and when operators process a patron or donor’s payment, they are collecting valuable and sensitive information. So, choosing the right solution for payment processing in order to protect patrons and their personal data is key.
Online security is key
Online data security is a crucial consideration when investing in cloud technology. In a world where we are continually inputting personal data into mobile, blue-tooth and cloud-connected devices, vulnerability to ill-intentioned parties has skyrocketed. Cybercriminals can bulldoze their way into unsecured systems.
Customers’ credit and debit card numbers, expiration dates, social security numbers, birth dates, addresses, travel information, drivers’ license numbers, etc., are among the personal information exposed to these adversaries.
As a contractor to the federal government, ACME has undergone intense scrutiny to fulfil rigorous cybersecurity compliance requirements. As a result of ACME’s compliance initiatives, the company recently thwarted an online data security breach for a museum client, protecting them from potentially tens of thousands of dollars in losses.
ACME’s investment in data security includes foundational PCI security compliance, which protects visitors’ payment card information. PCI compliance is required for all merchants that store, transmit or process payment card information. ACME is PCI Level 1 certified for their online and point of sale flows.
All entries to the data centres are secure with https. Payment and transaction flows are encrypted end-to-end on a point-to-point basis; ACME stores no actual credit card numbers, only encrypted versions manufactured by their trusted payment processors. EMV-based hardware further shrinks potential card fraud linked to magnetic stripes.
Adhering to strict regulations
Moreover, ACME has passed the strictest governmental regulations, as a government contractor. It follows the U.S. Federal FIPS-140-2 privacy laws government protection of personal information (PII) by ensuring all data is encrypted at rest; and, by providing configuration privacy controls to disable cookies for outbound transactional emails, at the client’s request.
ACME’s multi-tenant, true cloud platform is a comprehensive enterprise system that pledges to provide enduring out-of-the-box security and privacy compliances as well as zero downtime on your end.
Earlier this year, ACME announced that it has partnered with softtouch.io to help attractions adapt to the challenges presented by COVID-19.