PCI-DSS

PCI-DSS, PA-DSS, PCI-PIN

On September 7, 2006, PCI SSC launched Payment Card Industry Data Security Standard (PCI DSS) to keep a check to the standards of ongoing Payment Card Industry (PCI) security issues. All the companies that accept or process or store or transmit any credit card information of the customer or cardholder must comply with these security standards.

In 2008, to support PCI-DSS, the Payment Card Industry Security Standards Council (PCI SSC) introduced a set of security requirements called Payment Application Data Security Standard (PA-DSS), which are needed to be followed by software vendors while developing a payment application. Merchants developing software applications for in-house use may not comply with PA-DSS but should comply with PCI DSS.

Even though many standards are introduced, there are still gaps to be filled. Therefore in 2012, PCI enforced strict compliance. Under this compliance, every financial institution, which is a plus member and possessing at least one ATM, must conduct a PCI PIN security audit every year.

Partnering an auditor who has a complete understanding of intricacies of PCI compliance requirements, security, and encryption of system is strictly suggested. Whether you need to secure your data with a PCI compliant hosting provider or conduct audits for PA-DSS compliance or conduct audits for PCI PIN security, we have you covered.

Our certified IT auditors at MatinQ regulatory and compliance services have served a number of financial institutions and are well experienced in the payment industry which makes us conduct timely, smooth and efficient audits.

How we help you

  • Research the intricacies of PCI-DSS
  • Determine the level of compliance & the PCI SAQ required
  • Secure the physical servers
  • Examining all the software components or third-party plugins installed if any
  • Ensuring all those are PCI compliant
  • Draft documentation on the compliance
  • Completing the PCI SAQ and AOC
  • Completing the PCI SAQ and Attestation of Compliance (AOC) or Report on Compliance (ROC)