PCI DSS
We guide you towards PCI compliance
Since 2004, usd AG has been operating as an assessor accredited by the PCI Security Standards Council in all relevant standards of the Payment Card Industry. As a strategic partner to the PCI SSC Global Executive Assessor Roundtable (GEAR) we also support the PCI Security Standards Council as one of 20 companies worldwide with our knowledge from thousands of PCI projects.
Your Path towards Your PCI DSS Certification
PCI DSS Audit
If your company is required to conduct an on-site Assessment based on its classification, we can assist you in efficiently achieving certification in our role as Qualified Security Assessor. Our PCI DSS Competence Center can answer any questions you may have regarding the classification of your company and the certification measures required.
Your Certification Process
Introduction to PCI DSS. In the course of a PCI DSS Scope Workshop we determine with you the certification relevance of your business units and systems. Potential obvious deviations from PCI DSS are highlighted.
Preparation
Ready for the audit. During the PCI DSS Gap Analysis we check all certification-relevant IT systems, documentation and processes regarding their PCI DSS compliance. We document and discuss with you deviations and provide a catalog of measures to eliminate them. If required, you can also perform your Pentest and the PCI Security Scans directly with us.
Prepared for the Assessment. During the preparation phase, we finalize the Assessment scope together with you and specify the Assessment procedure in detail. The on-site Assessment is the formal process during which all processes, applications and systems that are in scope are reviewed by our certified assessor for compliance with PCI DSS. If required, we also conduct re-testing before preparing the final Report on Compliance.
Your reward. After successful validation of your compliance, we will issue you a personalized PCI DSS Certificate and Seal of Approval.
Are you a small or medium-sized business or an acquirer? Click here to go to your PCI certification process:
Small & Medium sized Businesses
Verify your PCI compliance.
Acquirers
Monitor and report the compliance status of your merchants.
These are Your PCI DSS Certification Advantages
PCI DSS, with its binding rules for greater IT security, is designed to put a stop to fraud. Increased protective measures in the processing of payment card data in accordance with PCI give you the following advantages in particular:
Increased data security and protection for your customers
Increased customer confidence and therefore possibly an increase in credit card use and sales
Greater protection against financial losses and damages due to security breaches
Protection of corporate image
Evaluate the security protection of systems used to store, process and/or transmit credit cardholder data
Data minimization and avoidance lead to business risk reduction
Network structuring reduces the cost of maintaining PCI compliance
We offer comprehensive consulting services for all PCI certifications. This includes, for example, options for reducing your scope and effort needed to achieve PCI compliance.
PCI DSS FAQ
What is PCI DSS?
The PCI Data Security Standard (PCI DSS) was defined based on existing security standards from VISA and MasterCard and are by now adopted and recognized by all well-known credit card firms as common standards. They define specific requirements in the different areas of payment card processing, which have to be met by merchants, service providers, payment application vendors, acquirer banks and processors. Please find more information at the PCI Security Standards Council.
How often do I have to validate compliance with PCI DSS?
The PCI DSS compliance validation must be provided at least once a year. Since a PCI DSS compliance validation documents the current status of credit card processing in your company, it is necessary to react to changes in credit card acceptance or payment processing even outside the specified cycle of one year by updating your PCI DSS validation. You are required to maintain PCI DSS compliance at all times.
What are the consequences of non-compliance with PCI DSS?
Your company may be fined by the credit card schemes or your acquirer (merchant bank). Furthermore, your company is liable if your clients' credit card data is stolen or misused.
