What is PCI:DSS?
PCI:DSS is the worldwide Payment Card Industry Data Security Standard that was initiated to help businesses process card payments securely and reduce card fraud. This is achieved through enforcing tight controls surrounding the storage, transmission and processing of cardholder data that businesses handle. PCI:DSS is intended to protect sensitive cardholder data.
Every business that processes card payments is required to have a yearly PCI:DSS compliance assessment to ensure that it is abiding by and following card merchant rules. We can provide the consultancy to help you understand your organisation's obligations under PCI:DSS and what you need to do to comply with the requirements of the standard.
Complying with PCI:DSS shows that your organisation is dedicated to securing your customers' information and minimising the risk of card fraud. Not only is a yearly PCI:DSS compliance assessment a requirement, it also reassures your customers that they can trust you to keep your systems and their information secure.
PCI:DSS Compliance Levels
There are four levels, or tiers, of PCI compliance that are based upon your organisation’s card transaction volume (credit, debit, and prepaid) over a 12-month period. If your organisation suffers a breach that results in account data compromise it may be escalated to a higher level of compliance.
| Your level is: | Your organisation carries out: | Your organisation should: |
|---|---|---|
| 4 | less than 20,000 eCommerce transactions per year; less than 1 million other transactions per year | complete an annual risk assessment using an SAQ (Self Assessment Questionnaire); conduct quarterly PCI scans |
| 3 | between 20,000 and 1 million transactions per year | complete an annual risk assessment using an SAQ (Self Assessment Questionnaire); conduct quarterly PCI scans |
| 2 | between 1 and 6 million transactions per year | complete an annual risk assessment using an SAQ (Self Assessment Questionnaire); conduct quarterly PCI scans |
| 1 | more than 6 million transactions per year | conduct an annual audit by a Qualified Security Assessor (QSA); conduct quarterly PCI scans |
We offer PCI:DSS compliance solutions. Our experts will help you avoid the costly fines levied by credit card companies, which range from £3,000 to £80,000 per month, whilst protecting your organisation's reputation.
Our approach to PCI:DSS assessment: we work with you to understand the process, where and how card payments are taken, and review how the data is collected and stored. We then determine the compliance obligations of your organisation based on the nature and volume of processing and measure this against the applicable PCI:DSS compliance level.
We work in partnership with you and your team, identifying the steps you can take to reduce your PCI:DSS scope or compliance obligations, as well as those required to address any compliance gaps and meet best practice.