Concourse is PCI PA-DSS compliant and security is of the utmost importance. Below is a summary of the components used to ensure that data and user access are secure:

• SSL encryption between Concourse and the user's browser.
• Robust message filtering to prevent malicious attacks such as HTML injections.
• Cardholder data encrypted prior to storage in the repository.
• Auditing of access to unprotected cardholder data.
• Auditing of data manipulation with before and after images.
• Auditing of user logon and activity.

Concourse also supports data access tagging, which offers financial institutions the ability to secure data at a more granular level than has traditionally been available. As transactions are loaded into Concourse, configured business rules are used to assign tags to the transaction. These tags are assigned to secure users of the system and are used to determine the eligibility of each user to view transaction data.