Merchants are obliged to complete PCI certification if they process, transfer or save card details on their own systems. If they outsource card processing, merchants are obliged to choose a certified service provider. Typically the merchant demonstrates compliance with the PCI requirements to the acquirer by means of a self-assessment questionnaire (SAQ).
We explain the PCI requirements and convey the basic knowledge required to run a PCI project in our workshops and consultation meetings. We support management, departments and technical experts with our experience in PCI projects.
By means of gap analyses, scope analyses and concept analyses, we work with you to clarify the implementation measures required to meet the PCI specifications. You therefore have a picture of the extent of the work required to achieve PCI compliance.
Using the information from the analyses, you can then implement the essential measures. We support you with advice, help you to take the right steps and implement them in your company. We assist with any questions, the selection of service provider or technologies to optimize the scope.
Following successful implementation of the adaptations, we carry out the compliance audit with you and draw up the necessary audit reports or support you in carry out the Self-Assessment Questionnaire (SAQ). Finally we support you in the process of application with the card organisations, and you receive a certificate from us confirming successful completion of the validation.
We understand the specific situation of a merchant. With our long-term experience in the different merchant industry sectors we are able to support a merchant efficient and professional. Here are some examples from different merchant types.
In retail, implementing PCI compliance can often be complex. Retail requires practical concepts and solutions to minimise the impacts of PCI. We use our experience to help in this context, particularly in relation to new developments in PCI standards, such as the Point-to-Point Encryption Standard. As one of the few certified P2PE auditors, we can provide focused and professional support in this area.
In a hotel, card details are processed, transmitted and saved electronically in many areas: at reception, in the restaurant, when reservations are made through a booking portal or in the central systems of a hotel chain. We are familiar with the specific PCI issues in running a hotel from many projects and can therefore offer the hotel industry a wealth of experience in efficient implementation and achievement of PCI compliance.
Whether you use the payment page of a payment gateway, maintain server-to-server communication with the provider or process card details in your own back-office systems, we are familiar with the various types of applications involving card detail processing with e-commerce providers and how PCI compliance can be implemented. Make the most of our expertise and let us help you with your PCI projects.