PCI-DSS Compliance

Who can view the contents of the PCI field?
Admins and agents with the following roles can view the contents of the PCI field Admins who have access to the PCI field Agents who have access to edit ...
Thu, 3 Sep, 2020 at 4:34 PM
Which product lines in the Support BU are PCI Compliant?
Freshdesk (standalone version) is PCI compliant. As part of the integrated solution, Freshworks has built an isolated air-gap environment that is invoked fo...
Thu, 7 Sep, 2023 at 6:34 PM
Are standalone Freshchat and standalone Freshcaller PCI compliant?
Categorically, the answer is 'Not Applicable' as per PCI DSS v.3.2.1 - Clause 4.2 - Never send unprotected PANs by end-user messaging technologies (...
Fri, 8 Sep, 2023 at 10:12 AM
Can you export all sensitive data from Freshdesk (Vault)?
No. We will not provision exporting data from Freshdesk Vault. On the other hand, the sensitive data can be cleared off by different means. (Deleting a tick...
Thu, 3 Sep, 2020 at 4:36 PM
How is HIPAA compliant encrypted field different from PCI field?
The data entered in the PCI field is stored in a Virtual Private Cloud (VPC) that is not connected to any of Freshdesk’s subsystems. The data, conversation...
Thu, 3 Sep, 2020 at 4:37 PM
Does the PCI field follow the Primary Account Number (PAN) format?
The PCI field is not restricted to the PAN format. It is a single-line text field on Freshdesk and hence can accept any UTF-8 character.
Thu, 3 Sep, 2020 at 4:38 PM
Can we store Social Security Number (SSN) in the PCI field?
The PCI field can accept any single line text - this includes any UTF-8 character. Thus, any sensitive or confidential information of customers can be store...
Thu, 3 Sep, 2020 at 4:39 PM
Will the last 4-digits of the PCI field be visible for all agents?
All digits in the PCI field are masked. This means only agents/admins who have access to unmask/edit the PCI field can view the content in the field. Partia...
Thu, 3 Sep, 2020 at 5:15 PM
What is the validity of our Freshdesk’s PCI compliance certification?
It is valid for 1 year from the time of certification and needs to be renewed every year after assessment by a QSA.
Thu, 3 Sep, 2020 at 5:04 PM
Will PCI compliance certification mean that there will be no breaches of data or cardholder information would not be at risk?
The PCI DSS is not completely secure or hacker-proof. However, they are a standard set of fundamental security controls framed to deal with the most common ...
Thu, 3 Sep, 2020 at 5:04 PM