What has Blackbaud done to become PCI compliant?
Blackbaud has validated compliance with the Payment Card Industry Data Security Standard (PCI DSS) and the Payment Application Data Security Standard (PA-DSS). Brightline performed the PCI DSS validation for Blackbaud’s solutions within the hosted environment. Blackbaud offers both hosted and locally-installed payment solutions because all nonprofits operate differently. Alternatively, Blackbaud’s locally-installed payment solutions are PCI certified and compliant with PA-DSS.
The PCI DSS security requirements are endorsed by the PCI Security Standards Council, founded by a consortium of major credit card brands including Visa Inc., MasterCard Worldwide, American Express, Discover Financial Services, and JCB, to enhance credit and debit card data security. Validated as a Level 1 Service Provider and Payment Gateway, Blackbaud had to demonstrate compliance with 12 security requirements by thoroughly reviewing its IT environment and information security policies and procedures.
Blackbaud acknowledges our responsibility for the protection of and compliance with PCI requirements of any cardholder data that we, as a service provider, possesses, stores, processes, or transmits on behalf of the customer. A detailed listing of these responsibilities can be found here.
The Council also supports the PA DSS, a set of security requirements that apply to software vendors that develop payment applications that process, store or transmit cardholder data as part of authorization or settlement.
Blackbaud has modified every application that processes, stores, transmits cardholder data to become PCI DSS and PA-DSS compliant. We have implemented PCI standards regarding secure storage of data, strong access control, and other requirements. The Blackbaud list of solutions, below, provides a complete list of those products which are PCI DSS and PA-DSS compliant. Check out our FAQ page for details.
- The Raiser’s Edge
- Blackbaud NetCommunity
- Blackbaud CRM (including Blackbaud Internet Solutions)
- The Education Edge
- The Financial Edge
- eTapestry
- Altru
- Sphere
- Blackbaud NetSolutions
- The Patron Edge Online
- Blackbaud Secure Payments
- Luminate Online
- Luminate CRM
How does PCI affect specific Blackbaud products?