Certified Government Payments is committed to the needs and concerns
of our customers which are government agencies and credit card users. As
part of our continuing effort to minimize the opportunities for identity
theft while maintaining efficient and effective services, Certified
Government Payments will continue to comply with highest industry
compliance measures. Certified Government Payments uses the highest
level of encryption and the latest security tools to ensure security and
Key Features of our Security
SSL Security: All of Certified Government
Payments' communications and processing occurs through 1024-bit SSL
(Secure Socket Layers).
PCI Compliance: Certified Government Payments
is committed to PCI (Payment Card Industry) compliance, and audits
regularly to ensure data security. Certified Government Payments runs active,
real-time credit card analysis that watches for card fraud patterns.
Verified by Visa: Verified by Visa
protects your Visa cards against unauthorized use on the Internet.
It allows you to verify your identity when you use a Visa card for an online
payment on the Certified Government Payments website. This protects
your Visa card from being used fraudulently. You first need to
activate this service for your card and receive a Verified by Visa password.
This password will then be utilized to initiate a payment on
our payment processing system using Verified by Visa.
Do I have to use it at your site? If your Visa Card Issuer
participates in the Verified by Visa program and your account is
activated, then we will ask you to use it while on our site. We've added
Verified by Visa to our payment process to help prevent fraudulent activity.
CISP Compliance : Certified Government Payments is
proud to be Visa CISP (Cardholder Information Security Program) compliant.
Through the CISP program Certified Government Payments is certified by Visa
to be up to date with the security regulations assigned by 3rd party
assessors. The Visa U.S.A. CISP defines a standard of due care and enforcement
for protecting sensitive information. Because the payment industry places
a high priority on maintaining the confidentiality and integrity of
account and personal data, the CISP requirements are directed to all entities
that store, process, or transmit cardholder information. The program
ensures the annual validation of merchants and all service providers on
both the issuing and acquiring side of the business.
- Install and maintain a working firewall to protect data
- Keep security patches up-to-date
- Protect stored data
- Encrypt data sent across public networks
- Restrict access by “need to know”
- Assign unique ID to each person with computer access
- Don't use vendor-supplied defaults for passwords and security parameters
- Track all access to data by unique ID
- Regularly test security systems and processes
- Implement and maintain an information security policy
- Restrict physical access to data.
- How CISP Works: All eligible Merchants and Service
Providers must comply with the 12 basic CISP requirements. Compliance
actions, however, are scaled to a level of risk that is based on the number
of accounts stored or processed.
SDP Compliance : The MasterCard SDP (Site Data
Protection) Service is a proactive, cost-effective, global solution offered
by MasterCard through its acquiring members. The SDP Service includes
network vulnerability scans and alert services offered by MasterCard's
SDP Service and Security Audit partners. MasterCard Security
: As a member of the SDP program, Certified Government
Payments utilitzes security procedures to protect online cardholder data.
For more information regarding the MasterCard Site Data Protection program we
recommend you visit the official MasterCard SDP website