What Is PCI Compliance?
The Payment Card Industry Data Security Standard (PCI DSS) was established by the major card brands (MasterCard Worldwide, Discover Financial Services, American Express, JCB International, and Visa Inc.).
The PCI DSS is a list of card-handling practices merchants must follow to accept payment cards. This standard details how to securely handle, process, and store sensitive payment card data. All businesses that process, store, or transmit payment card data are required to implement the requirements outlined in the PCI DSS to prevent cardholder data theft. All merchants that accept Visa, MasterCard, Discover, AMEX, or JCB are required to comply with the PCI DSS.
Getting Started with PCI DSS Compliance
For small and medium-sized businesses (SMBs) — Merchants that process fewer than 6 million payment card transactions in a year are classified as Level 2, Level 3 or Level 4. E Secure 360 helps these merchants complete their SAQ, explains identified vulnerabilities, helps them pass the ASV scan, and ensures that their PCI compliance is validated and reported to their merchant processor.
For enterprise organizations — Merchants or service providers that process more than 6 million payment card transactions in a year are classified as Level 1 and must undergo an onsite assessment. E Secure 360 will assign a Qualified Security Assessor (QSA) to validate a company’s compliance with the PCI requirements by conducting interviews with business and operations personnel and performing the required tests. Entities found to be compliant will receive a written Report on Compliance (RoC) to be provided to acquiring banks and an Attestation of Compliance (AoC) as a declaration of compliance status.
We have the tools to help you reach compliance and increase data security.
- External vulnerability scanning
- Internal vulnerability scanning
- Application security testing
- Penetration testing
- Mobile device security
- Security policies and procedures
- Privacy and security training
- Threat intelligence