Standards & Compliance


DOKU is certified PCI DSS compliant, the first and currently the only Indonesian company to be certified.

PCI DSS (Payment Card Industry Data Security Standard) is the set of stringent criteria established by the industry to safeguard client data and to protect payment integrity. The PCI DSS guidelines help organizations that process card payments prevent credit card fraud, hacking and various other security issues. A company that processes, stores, or transmits credit card numbers must be PCI DSS compliant or it risks losing the ability to process credit card payments.

Under the PCI DSS regulations, DOKU must validate its compliance each year with an audit by a Qualified Security Assessor (QSA) company. DOKU's PCI DSS audit is conducted by a third party, Symantec Pte Ltd, a certified QSA and Approved Scanning Vendor (ASV) under the Payment Card Industry Data Security Standard Program.

DOKU imposes additional security measures to ensure a safe and secure payment-processing environment through:

  • Verisign HTTP Secure Socket Layer (SSL) - Verisign SSL with Extended Validation and up to 256-bit AES encryption

  • Order Information Verification - 3 steps of background verification from the DOKU system to the merchant's system to avoid phishing attacks

  • Dynamic Hashed Identification using Shared Key - dynamic SHA1 hashing with a shared key, used to validate the identity of the merchant's requests

  • IP Filtering Method - transactions are authorized only from the merchant's registered IP address, to minimize unauthorized requests