Security and Compliance Information

At Carry1st, we are committed to providing a secure and compliant environment for all our users. This page outlines our adherence to Payment Card Industry Data Security Standards (PCI DSS) compliance, our password policy, and procedures for password expiration and account access issues.

What is PCI Compliance?

Payment Card Industry Data Security Standard (PCI DSS) compliance is a set of security standards designed to ensure that all companies that accept, process, store, or transmit credit card information maintain a secure environment. Being PCI compliant means that Carry1st adheres to the highest standards of security, protecting sensitive payment card information against unauthorized access and data breaches.

Why is PCI Compliance Important?

PCI compliance is crucial for two main reasons:

Protecting Sensitive Information: It ensures that sensitive payment information is handled securely, reducing the risk of data breaches and fraud.
Building Trust: Compliance demonstrates to our game studios, publishers, and their customers that we are committed to maintaining a secure platform, thereby building trust in our services.

Our Password Policy

Carry1st has implemented a robust password policy designed to protect your accounts and sensitive information as part of our commitment to security and in compliance with PCI DSS requirements. Our password policy includes the following requirements:

Minimum Length: Passwords (or passphrases) must have a minimum length of seven characters.
Complexity: Passwords must contain both numbers and alphabetic characters to ensure higher security.
Regular Updates: Users must change passwords/passphrases at least every 90 days to mitigate the risk of unauthorized access.
Automatic Logout: For added security, users will be automatically logged out of the platform after 15 minutes of inactivity.

What to Do if Your Password Expires

If a user's password expires or if they cannot access their account, the platform offers a simple solution to regain access:

Forgot Password Link: Users should use the "forgot password" link on the login page to initiate the password reset. Follow the instructions to set a new password and regain access to your account.