Payment Card Industry Data Security Standard (PCI DSS)
What is PCI DSS?
PCI DSS requirements are set by PCI Security Standards Council (PCI SSC), founded and enforced by Payment Brand (through your acquiring bank(s)). Payment Card Data Security Standard (PCI DSS) is the global data security standard that any business of any size must adhere to in order to accept payment by card and either store, process, and/or transmit cardholder data.
It contains common sense yet rigorous controls that mirror best security practices. PCI DSS applies to the protection of ‘CardHolder Data’ (CHD), centred around the Primary Account Number (PAN).
Who Should Comply and How
The PCI DSS applies to all entities that store, process, and/or transmit CardHolder Data. That means both Merchants and service providers to Merchants (IT, Data Centre, Call centre, Storage, Cloud providers to name a few). It covers technical and operational system components included in, or connected to, the CardHolder Data you handle.
If you accept, store, transmit and/or process payment cards, PCI DSS applies to you.
Reporting requirements differ based on your business (Service providers or Merchants), the number of cards you process per year, and how you take payments (In Person, Phone, Mail, Fax or E-commerce).
You may only be required to comply with a handful of requirements. Talk to us today to see how!
“It about making PCI compliance part of your business, not a once-a-year,study-for the test thing”.
Bob Russo, General Manager of the PCI SSC
Privasec offers peace-of-mind PCI DSS-as-a-Service to help organisations stay compliant throughout the years, to every version of the PCI DSS.
Not sure if this applies to you?
Don’t leave it to the last minute.
Give us a call and find out.
PCI DSS Services
Our work ethic is geared towards building a strong and long lasting relationship with our customers. We are committed to partnering with you and taking a pragmatic approach to address the risks and issues faced by your business in relation to the compliance program. We also work with you to effectively reduce your compliance issues.
PCI DSS Scope and Gap Assessment
Find compliant options to reduce your scope and create a plan to fix your non-compliances.
PCI DSS Remediation
Expert guidance and advice to remediate your non-compliances and keep your costs down.
PCI DSS Penetration Testing and Wireless Scanning
Ad-hoc or managed Penetration Tests and Wireless Scans as required by the PCI DSS
PCI DSS Certification
Qualified assessment of your compliance status and deliverance of your Attestation of Compliance (AOC).
PCI DSS Maintenance
Maintain your compliance throughout the year and avoid the stress of re-certification.
PCI-DSS-as-a-Service
Piece-of-mind all-inclusive service to ensure you reach and maintain compliance whilst getting best value for your business.
Don’t let PCI DSS slow down your business.
We work with you to provide you with flexible and practical solutions so whatever happens on your path, your business can keep moving forward.
We provide tailored and collaborative solutions to meet your business goals as well as your compliance requirements.
We assign QSAs who are the right culture fit for your organisation and project.
We don’t just tick boxes – Our professionalism, values and our work set us apart. Our QSAs have gained industry knowledge and efficiency through years of experience.
Government
NSW ICT Advanced Supplier (SCM0020)
QLD GICT Supplier (CCIQ Quassure)
VIC eServices Registered Supplier
We deliver services in
Contact
T(AU): 1800 996 001
T(NZ): +64 9 222 4725
T(SG): +65 6631 8375
L6, 50 York Street
Sydney 2000
NSW, Australia
L19, 567 Collins Street
Melbourne 3000
VIC, Australia
L23, 127 Creek Street
Brisbane 4000
QLD, Australia
L4, 17 Albert Street
Auckland CBD 1010
New Zealand
L8, 14 Robinson Rd
Far East Finance Building
Singapore 048545
