Ensure compliance with the Payment Card Industry Data Security Standard
To ensure payment card information is not compromised and provide all parties involved with the best possible protection against data misuse, credit card schemes have introduced a safety standard for the handling of payment card and transaction information. This standard, known as Payment Card Industry Data Security Standard or PCI DSS, applies equally to banks (issuers and acquirers), payment service providers, hosting providers, merchants, and payment application providers. PCI DSS Compliance is verified at regular intervals. Parties who cannot furnish proof of PCI DSS certification are not permitted to process payment card information.
We offer comprehensive advice, preparation, auditing, and verification of your security measures, thereby supporting you in all requirements for PCI DSS compliance certification. If you meet the PCI DSS standards, as an accredited certification body we can supply you with the TÜV SÜD certification mark and all evidence required by the credit-card schemes. Depending on whether you are a service provider, software manufacturer, merchant, or acquirer, you need to comply with various requirements and security-assessment procedures of the PCI DSS and/or PA-DSS.
The PCI Compliance standards define technical and organizational requirements for the storage, processing, and transfer of cardholder information. These standards apply to all parties involved in payment-card processing. The PCI Compliance standard also applies to organizations involved in the operation or provision of infrastructure, data centers, and other security-relevant components. For PCI conformity, organizations must fulfill certain criteria and thus provide appropriate evidence.
We differentiate between PCI DSS and PA-DSS certification, with the latter applying exclusively to manufacturers of payment software (Payment Application Data Security Standard).
PCI certification requirements are laid down in a standard comprising 12 clauses. To establish a relationship of mutual trust with customers and merchants, all of these requirements must be observed and verified at regular intervals. The individual PCI requirements are:
As differentiation between service providers and merchants is not always easy, we will be happy to advise you on PCI requirements and categorizations.
From standardized vulnerability scans (ASV) to our extensive Merchant Compliance Portal and individual advice, we offer merchants all the solutions they need to achieve compliance with the Payment Card Industry Data Security Standard (PCI DSS) and thus, ultimately, PCI DSS certification.
— Learn more about PCI Compliance Certification for Merchants
By providing our extensive acquirer portal, which can be used for easy implementation of all reporting tasks and other requirements for PCI DSS certification, we help acquirers to ensure end-to-end PCI DSS compliance at their merchants and service providers as well as in their own organizations. We support your authorized merchants with their efficient fulfillment of PCI requirements and submission of compliance evidence, offering comprehensive support and an attractive Merchant Compliance Portal.
— Learn more about PCI Compliance Certification for Acquirers
For software manufacturers, we offer an integrated solution for Payment Application Data Security Standard certification (PA-DSS certification). We are at your side every step of the way, supporting you with individual advice and the necessary security audits.
— Learn more about PCI Compliance Certification for Manufacturers
We offer payment service providers and cloud or hosting providers in-depth PCI advisory, comprehensive auditing as well as seminars and training, and many more constructive solutions on their way to PCI DSS certification.
— Learn more about PCI Compliance Certification for Service Providers
To ensure you can always work in conformity with the PCI standard and benefit from highest security measures, we offer the necessary solutions for PCI DSS or PA-DSS compliance certification and a number of additional benefits. Selected services include:
Our services cover all PCI DSS standards, supporting you on your way to PCI Compliance certification. Contributing our know-how in the auditing of information security and our experience in the payment-card industry we guarantee that you are on the safe side in matters of payment security. Our comprehensive services enable you to implement effective security systems.
Our accreditations with the PCI Security Standards Council and the payment card schemes authorize us to assist you with all aspects of reaching PCI Compliance certification and to issue the PCI certificate. We offer a range of certifications, including:
Have a question or need immediate assistance? Get in touch!