Payment Card Data Requirement
PCI DSS is a requirement for all organisations that store, process or transmit payment card data.
Supported by the card providers, the standard is comprehensive in that it addresses various methods of using card data including:
- Card-not-Present Merchants
- E-commerce Merchants
- Imprint Machines and Stand-Alone Terminals
- Virtual Terminal Solutions
- Payment Application Systems Connected to the Internet
All traders who use Payment Card Data should be aware of the Standard, even where the majority of the risk is handled by a third party.
Good Governance and Customer Confidence
PCI DSS compliance is essential to maintain customer confidence and reduce the risk of payment fraud.
Understanding the PCI DSS Standard is key to maintaining good governance of the data you store, process or transmit.
PCI DSS Consultants
The Standard can be confusing, particularly when it comes to the Self-Assessment Questionnaire (SAQ) or the Report on Compliance (RoC), which depend on transaction volumes, but our qualified partners can provide full assistance through the process.
Our PCI DSS Consultants will help you take the first steps in achieving compliance and work with you through the process, and afterwards as required.
We can help you complete the Self-Assessment Questionnaire (SAQ) and advise on implementing effective security controls.
Where required, our third-party QSAs can produce a full Report on Compliance, suitable for submission to PCI and other interested parties.
PCI DSS often goes hand in hand with ISO 27001, the international standard for information security, adding some controls and requirements.