usd AG Re-Accredited Worldwide as an Approved Scanning Vendor (ASV)

On 20.08.2024, we once again received worldwide accreditation as an Approved Scanning Vendor (ASV) for the scanning services of our usd PCI Platform by the PCI Security Standards Council (PCI SSC). This makes us one of two accredited ASV companies in Germany.

More companies obligated to carry out ASV scans than before

Companies that process, store or transmit credit card data must have their affected IT systems scanned for vulnerabilities on a quarterly basis as part of their PCI DSS certification. These scans may only be carried out by an ASV that has been tested and accredited by the PCI SSC and is on the official list of Approved Scanning Vendors. Since PCI DSS v4.0 came into force, significantly more companies are obliged to perform ASV scans than before. You can find more information on the scanning obligation in our help section.

Accreditation takes place annually

All ASV organizations must undergo annual re-accreditation with the PCI SSC. These providers must meet or even exceed the requirements of the Qualification Requirements for Approved Scanning Vendors. The review is based on a structured, transparent process and requires, among other things, participation in the necessary training sessions, an examination of the ASV employees and, above all, a successful test result in the PCI SSC's ASV Lab Scan Test.

Rigorous test procedure

The PCI SSC's review of the scanning solution does not only look at processes and organizations. Our usd PCI DSS Platform was extensively tested as part of a realistic simulation of a vulnerability analysis. Our scanning solution had to identify and report all technical vulnerabilities in simulated network environments with vulnerable hosts and network devices within one day.