Cubic Transportation Systems has achieved PCI-DSS certification for the latest version of its Cubic Payment Application (CPA 3.0), for transit operators to validate security for credit and debit card data.
Merchants accepting credit and debit cards are required by their acquiring banks to comply with PCI DSS. This announcement recognizes that CPA 3.0 has been successfully “Validated According to PA-DSS v2.0” by the PCI Security Standards Council, and is listed as “Acceptable for New Deployments” on the Payment Card Industry Data Security Standards (PCI-DSS) website.
CPA 3.0, a component of Cubic’s NextCity suite, provides a secure payment gateway directly to merchant acquiring banks or other financial institutions. The PA-DSS certification of CPA helps transport operators and authorities to achieve PCI DSS certification by providing one less step for them to worry about.
Key features of CPA 3.0 include support for:
- Account-based payments, as processed by Cubic’s NextAccount, which is essential for open payments, mobile, parking and tolls.
- European and North American adoption of global EMV payments standards
- Emerging transit-specific transaction authorization and processing policies
- Concurrent connections to multiple acquirers
- Previous versions of CPA, including CPA 2.0101, have also been certified as a Validated Payment Application.
Furthermore, CPA 3.0 is designed to offer performance for securely processing legacy closed-loop payments, such as agency issued transit smartcards, as well as emerging forms of payment including open-loop, bank-issued contactless cards, mobile and EMV payments.