* The World's First Eco Surf Company Since 2007. (Buy One, Get One Tree).

Return to Help Index
Guarantees & Security
Payment Card Industry Data Security Standard (PCI DSS) FAQ

Wave Tribe Security

Click Image For Security Seal Check

Your Information Is Safe!

The PCI DSS (Payment Card Industry Data Security Standard) is a set of requirements for all parties involved in processing credit & debit card transactions – including acquirers, service providers, and merchants – to ensure secure transmission and storage of cardholder data.

Continuous compliance with the standard is mandatory for all specified parties, but periodic certification of compliance is also required in various capacities.

We never even see your credit card data, just the last four digits. You data is encrypted and the transaction happens between the secure gateway and the bank, we simply get the record of transaction and your last four. Thus your data is never stored on our servers and NOBODY has access to it EVER.

Wave Tribe Goes Above & Beyond The Mandatory

The PCI SSC (Security Standards Council – to learn more, click here). The standard was introduced in 2004 as a result of collaboration between Visa and MasterCard. In 2006, they handed off the responsibility of maintaining the standard to the SSC, which is a joint effort of Visa, MasterCard, Discover, JCB, and American Express. Although the SSC has exclusive authority to set requirements, it does not participate in compliance enforcement. The card brands themselves are responsible for enforcing compliance for all transactions conducted with their own cards. They accomplish this through policy enforcement with their member banks (acquirers). The member banks, in turn, enforce compliance with merchants. Consequently, if you wish to process major credit cards, you must do so through members of the card brands, who mandate PCI DSS compliance measures in their service contracts.

Wave Tribe Follows These 12 Requirements

According to the SSC, there are 12 requirements for service providers to achieve compliance:

Build and Maintain a Secure Network

  • Requirement 1: Install and maintain a firewall configuration to protect cardholder data.
  • Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters.

Protect Cardholder Data

  • Requirement 3: Protect stored cardholder data.
  • Requirement 4:Encrypt transmission of cardholder data across open, public networks.

Maintain a Vulnerability Management Program

  • Requirement 5: Use and regularly update anti-virus software.
  • Requirement 6: Develop and maintain secure systems and applications.

Implement Strong Access Control Measures

  • Requirement 7: Restrict access to cardholder data by business need-to-know.
  • Requirement 8: Assign a unique ID to each person with computer access.
  • Requirement 9: Restrict physical access to cardholder data.

Regularly Monitor and Test Networks

  • Requirement 10: Track and monitor all access to network resources and cardholder data.
  • Requirement 11: Regularly test security systems and processes.

Maintain an Information Security Policy

  • Requirement 12: Maintain a policy that addresses information security

To help service providers remember the requirements, the SSC has even created a catchy tune with an animated video. You can watch it at here. To view the requirements spelled out in thorough detail, click here (click "Accept" at the bottom, then select "English: pdf" or "English: doc").

As mentioned previously, compliance enforcement is the responsibility of the card brands themselves. You can find full service provider compliance requirements at each card brand's website:

Since all card brand programs are designed to help service providers achieve compliance with the same standard, they are quite similar in a number ways. The main components are:

  • Quarterly network scans by an ASV (Approved Scanning Vendor) for the network's external IP addresses
  • Annual on-site audits by a QSA (Qualified Security Assessor)
Stoked Guarantee
  Wave Tribe Stoked Guarantee

Wave Tribe 100% Stoked Guarantee

If you don't like it, if it doesn't fit or if it just isn't what you thought it was, return it. Just let us know why you didn't like it (so we can help you find something you do like).

We want you to be happy with your purchase and there is no need for excuses. If you buy any product and decide to return it, just do so within 30 days.

Contact our Customer Service Department at 800-791-6521 for an RA (Return Authorization) number and return the complete, undamaged and unworn product in the original packaging for an exchange or a refund.

We reserve the right to charge a 20% restocking fee on all returned items.


Wave Tribe Staff
Why Shop at Wave Tribe?

Ten Reasons to Shop With Us!

  1. You want and demand sustainable surf products, just like us!

  2. You use environmentally friendly products.

  3. You care about the planet, ocean, and its creatures and we do too.

  4. You look for a company that guarantees the value of what they sell.

  5. You want products that are made with care and are sustainable.

  6. You understand that sustainable materials help us maintain a healthier planet.

  7. You are committed to the environment and a green lifestyle.

  8. You understand that Wave Tribe is the world's 1st green surf company, and you like that.

  9. You are here because you recognize the importance of investing in green surf products.

  10. Your support allows us to protect our most cherished resources.

Join the Tribe, be the change!

  It is our commitment to provide you with the best value, to read more about our Guarantee please click here.
Privacy Policy
  We value your privacy. Please view our Privacy Policy for complete details on how we use the information we collect.
  This website is protected with SSL (secure socket layer) encryption, the highest standard in Internet security.

Copyright © 2013 Wave Tribe. All Rights Reserved.Built with Volusion