Consultancy and ASV Testing
PCI Compliance
What Is PCI Compliance?
The Payment Card Industry Security Standards Council (PCI SSC) requires the use of PCI Qualified Security Assessors to perform PCI on-site security audits using the PCI Security Audit Procedures to assess compliance with the PCI Data Security Standard.
As a Merchant or Service Provider, you are responsible for ensuring that you achieve and maintain compliance with the Payment Card Industry (PCI) Data Security Standard (DSS). The DSS defines requirements for the protection of consumers’ payment card information while stored, in transit or during processing. Organizations that fail to comply with the PCI DSS potentially face significant fines, loss of customer goodwill, and may lose the ability to accept credit cards for payment.
Each payment card brand assigns merchants and service providers with a ‘level’, based on the organization’s annual volume of payment card transactions. While every merchant and service provider must comply with all applicable requirements in the DSS, reporting requirements differ by ‘level’. Organizations of all levels are required to have quarterly external network scans performed by an Approved Scanning Vendor (ASV). Additional reporting requirements include either the completion of a Self-Assessment Questionnaire or an onsite audit performed by a Qualified Security Assessor (QSA). Eurotek NS is a PCI Qualified Security Assessor (QSA) and an Approved Scanning Vendor (ASV).
We assist clients in meeting and maintaining their PCI compliance requirements by providing sustainable solutions that may be integrated with other compliance requirements to reduce the overall cost of compliance.