Payment Card Industry - Data Security Standard (PCI-DSS) Compliance

We also have a very strong audit and compliance practice in PCI-DSS. The following will give you some highlights of PCI-DSS.

PCI-DSS

About PCI DSS
PCI DSS was created by the Payment Card Industry Security Standards Council. The council comprises MasterCard, Visa Inc., American Express, Discover Financial Services and JCB International.

  • Increased credit card fraud led to the establishment of a mandatory Data Security Standard to prevent theft of cardholders' personal information.
  • The standard applies to merchants or service providers that transmit, process and/or store credit card information.

Our PCI Service delivery

Readiness audit to ensure the following:

  • Scope is identified
  • Review of network topology for appropriate segmentation
  • Conduct PCI DSS requirement audit to test and identify areas of non-compliance
  • Collaborate with process owners to ensure adequate remediation
  • Collaborate with the QSA to ensure the compliance evidence needed to validate compliance is provided
  • Etc.


The above covers the 12 elements of PCI DSS requirements

PCI Rules

Consequences of PCI non-compliance

  • Forensic investigation
  • Revocation of credit card business privileges
  • Steep monetary fines (up to $500K) levied by the card associations, plus damages on the acquirer that may be transferred to merchants/service providers
  • Lawsuits
  • Damage to reputation
  • Bad publicity