About PCI DSS
PCI DSS was created by the Payment Card Industry Security Standards Council. The council comprises of MasterCard, Visa Inc., American Express, Discover Financial Services and JCB International.
- Increased credit card fraud led to the establishment of mandatory Data Security Standard to prevent theft of personal card holder’s information.
- The standard applies to merchants or service providers that transmit processes and or stores credit card information.
Our PCI Service delivery
Readiness audit to ensure the following:
- Scope are identified
- Review of network topology for appropriate segmentation
- Conduct PCI DSS requirement audit to test and identify areas of non-compliance
- Collaborate with process owners to ensure adequate remediation
- Collaborate with QSA to ensure needed compliance evidence was provided to validate compliance
- Etc.
The above covers the 12 elements of PCI DSS requirements
Consequences of non PCI compliance
- Forensic investigation
- Revocation of credit card business privileges
- Steep monetary fines (up to $500K) levied by the card associations plus damages on acquirer that may be transferred to merchants/service providers
- Lawsuits
- Damage to reputation
- Bad publicity