<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=YOUR_ID&amp;fmt=gif">

PCI DSS

PCI DSS does not apply to VIDIZMO in its own right. We do not process, store, or transmit cardholder data or handle financial transactions as part of our business. Where it matters is on the customer’s side: if you’re a bank, payment processor, or any organization storing payment-related records, VIDIZMO can help you meet your own PCI DSS obligations for that data.

What It Is

The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements for organizations that handle cardholder data, covering how that data is stored, processed, and protected.

Where VIDIZMO Fits

VIDIZMO is not a payment processor and does not hold a PCI DSS Attestation of Compliance in its own name. Cardholder data is not something VIDIZMO deals in as part of its core business. Where this becomes relevant is Redactor: when a customer’s documents, images, or recordings contain payment-related information, Redactor’s existing platform controls can help that customer meet several PCI DSS requirements on their own systems.

What PCI DSS Majorly Requires, and How Redactor Helps

  • Protect cardholder data: encryption at rest and in transit. Redactor runs on the same AES-256 at rest and TLS in transit as every other VIDIZMO product, and automates redaction of payment-related information from documents, images, video, and audio.
  • Implement strong access control: role-based access on a need-to-know basis, unique user IDs, and MFA, so only authorized users can view unredacted content.
  • Maintain a vulnerability management program: weekly automated vulnerability scans and quarterly independent penetration testing across the platform.
  • Regularly monitor and test networks: real-time audit logging of every redaction action, retained in tamper-evident, immutable storage.
back to top