Inability to handle card payments - In extreme cases, a company can be prevented from handling card payments and payment data until they successfully pass an audit, overseen by an external auditor (known as a QSA)
PCI DSS, the Payment Card Industry Data Security Standard, is a security standard that all companies who handle payment card transactions must follow. These include financial companies and banks who issue cards, companies who process transactions (card processors) and companies who accept payments (merchants). These companies must prepare and submit a report every year.
The type of report, and the obligations which must be met, varies depending on the number of transactions processed and how you process them. It can cover information security, physical security, staff training, data protection and testing and validation.
It is because of this variety in requirements, that companies must ensure that they file the report themselves, rather than assume that someone else is doing it for them (such as their payment processer).
Failure to observe the requirements of PCI DSS can be severe. These can include:
PCI DSS services
PCI DSS can be complex. Our consultants have assisted many organisations determine the level of report needed and implement the changes needed to meet its requirements.
Whether you’re able to submit a self-assessed report or need to have an external audit, our Internal Security Assessor (PCI ISA) trained staff can help you through the process, quickly and efficiently. We are also able to recommend changes to systems and processes, physical and digital security controls and training.
Contact Us
Get in touch for further information on our services or to arrange a call to discuss your individual requirements.
Contact Us
Get in touch for further information on our services or to arrange a call to discuss your individual requirements.
