Merchant Compliance Portal
Merchant Compliance Portal
As a merchant accepting credit card payments, you must make sure to prevent any misuse of sensitive cardholder data by unauthorized third parties. To do this, you must comply with the global Payment Card Industry Data Security Standards (PCI DSS), which were developed by the credit card schemes to improve data security in payment transactions. Evidence of your compliance with the standards must be furnished at regular intervals in the form of PCI certification.
We offer a simple and all-inclusive portal solution that supports merchants, irrespective of their size and area of industry, along their way to certification ––from newsstand owners with only an occasional credit-card payment to small bookstores, travel agents, and established online shops. Our free Merchant Compliance Portal provides guidance at every step of the certification process.
For PCI DSS certification, the leading credit card schemes categorise their merchants into various levels with different security requirements. The following forms of security evidence are basic requirements for PCI certification:
Retailers which need not undertake on-site auditing can complete their SAQs directly online in the Merchant Compliance Portal, and take advantage of automated processing of the required ASV scans for a smooth road to PCI Compliance.
Registration
|
Classification |
Self-Assessment |
Vulnerability Scans |
Reporting |
Creating your personal user account. |
With a few questions, the portal can define which self-assessment questionnaire is relevant for you.
|
Complete the questionnaire defined in advance, containing questions on your company, type of credit-card acceptance etc. |
Vulnerability scans may be necessary depending on the type of credit card acceptance and integration into your network. |
Your compliance report, results of vulnerability scans, and other relevant documents will be provided in the portal. |
For these services, the Merchant Compliance Portal offers merchants the following features:
Self-Assessment Questionnaire (SAQ) – In addition to the processing of payment card information in your company, the questionnaire surveys the following aspects:
Vulnerability scan (ASV scan): The objective of the security scan is to identify security gaps in systems and websites which might be used by attackers to access payment card data. Vulnerability scans identify potential gaps by running automated tests on the following parts of your IT systems:
On-site audits: Major merchants in particular must undergo an annual on-site audit in addition to the ASV scan. This on-site security audit covers various activities, including
We support our merchants not only by providing the Merchant Compliance Portal, but also by advising them on all further issues, such as the essential technical questions in the SAQ. The specially trained experts at TÜV SÜD First Level Support are familiar with the technical details and speak the same language as the merchants. In addition to PCI DSS certification, we can supply merchants with further optional Payment Security services, based on our cross-functional expertise in a variety of cybersecurity fields:
Trust is a factor of paramount relevance in virtual transactions. We support your operations as a merchant, assisting with secure implementation of modern technology and enabling you to accept credit card payments and guarantee your customers the highest security standards as demonstrated by the established TÜV SÜD certification mark. As an accredited certification provider, we accompany you step by step along the road to PCI Compliance.
Site Selector
Global
Americas
Asia
Europe
Middle East and Africa