Viva Bank makes every effort to provide merchants with a highly-secure solution, which follows strong security standards and best practices, and complies with PCI requirements. Our applications are regularly updated for features and security and merchants should follow recommended best practices to ensure payment acceptance security and comply with PCI DSS.
Build and Maintain a Secure Network and System
Install and maintain a firewall configuration to protect cardholder data
Do not use vendor-supplied defaults for system passwords and other security parameters.
A new device should be chosen or one that has been reset to factory settings to install the viva.com Terminal app.
Other applications or software installed on this device should be restricted to the minimum necessary for business. If you need to install other software, please only use the official Google Play Store or the designated device management solution of your company for your software installations.
Maintain your device and application up-to-date with the latest Operating System and viva.com Terminal app updates.
Protect Cardholder Data
Protect stored cardholder data
Encrypt transmission of cardholder data across open, public networks.
Verify that there are no obstacles or “skimmer” devices close to or on top of the NFC reader as this may hinder the card reading – the position of the NFC reader differs across devices, please consult the manufacturer’s manual to locate yours.
Instruct your cardholders to cover the PIN pad when entering their PIN.
Make sure that there are no cameras or other recording devices pointed in the direction of the cardholder when they enter their PIN.
Maintain a Vulnerability Management Program
Use and regularly update anti-virus software
Develop and maintain secure systems and applications.
Implement Strong Access Control Measures
Restrict access to cardholder data by business need-to-know
Identify and authenticate access to system components
Restrict physical access to cardholder data.
Regularly Monitor and Test Networks
Track and monitor all access to network resources and cardholder data
Regularly test security systems and processes.
Regularly inspect the status of your mobile device; make sure the device is in good condition, remove any affixed devices, plastic covers, cases, dockers, screen protectors that are mounted to the device.
Maintain an Information Security Policy
Maintain a policy that addresses information security for all personnel.
Finally, in case you notice anything unusual in the application’s behaviour, please get in touch with your store manager, your company's IT support or, if necessary, escalate to our customer support.