Compass is PCI DSS Level One compliant.
Is your school management system provider?
The Payment Card Industry Security Standards Council (PCI SSC) is an independent body founded in 2006.
PCI DSS compliance refers to a comprehensive set of security standards, requiring that any organisation that stores, processes, or transmits customer credit card information maintains strict controls and a secure environment. In order to achieve compliance, an organisation must demonstrate that they have implemented a number of mandated objectives, relating to technology design, network and physical data security.
As Compass continues to expand its offerings for schools, parents and carers in Compass school communities, the number of payments processed by Compass has grown.
For example, using our new Canteen module, parents can now order and pay for school lunches through Compass. Similarly, we will be introducing the ability for parents to pay for events from the Compass app. Processing these payments, and indeed, offering great functionality like the ability for users to save their credit card details within our app, requires PCI DSS compliance.
Just as schools have a diverse range of regulation requirements they must meet, good providers to schools should endeavour to ensure they too are fully compliant.
You can search search the Visa Global Registry of Service Providers and the Mastercard list of payment facilitators to see whether your school management system is a validated provider. You should also look out for the 'On the list! 2019' logo on the site of providers.
You can find more information about what it means to be on the Visa Global Registry here. The Visa Global Registry of Service Providers explains the importance of being on the registry:
The Compass platform is fully cloud-based allowing your school community to access information on the go through their mobile, tablet, laptop or PC.
The platform is scalable with extensive configuration options allowing you to tailor the platform to suit your needs. With adherence to strict safety and security standards, the platform supports learning outcomes, while keeping student data safe and secure.