PCI Certification for Merchants

2021-09-02T15:22:32+00:00

What we offer

  • PCI DSS Assessments
  • SAQ Support
  • PCI Gap Analysis
  • Compliance Advice
Contact us

Merchants are obliged to complete PCI certification if they process, transfer or save card details on their own systems. If they outsource card processing, merchants are obliged to choose a certified service provider. Typically the merchant demonstrates compliance with the PCI requirements to the acquirer by means of a self-assessment questionnaire (SAQ).

Support in all phases of a PCI project

PCI INTRODUCTION

We explain the PCI requirements and convey the basic knowledge required to run a PCI project in our workshops and consultation meetings. We support management, departments and technical experts with our experience in PCI projects.

ANALYSIS

By means of gap analyses, scope analyses and concept analyses, we work with you to clarify the implementation measures required to meet the PCI specifications. This gives you a picture of the extent of the work required to achieve PCI compliance.

IMPLEMENTATION

Using the information from the analyses, you can then implement the essential measures. We support you with advice and help you to take the right steps and implement them in your company. We assist with any questions and with the selection of service providers or technologies to optimize the scope.

CERTIFICATION

Following successful implementation of the adaptations, we carry out the compliance audit with you and draw up the necessary audit reports, or support you in carrying out the Self-Assessment Questionnaire (SAQ). Finally, we support you in the application process with the card organisations, and you receive a certificate from us confirming successful completion of the validation.

Industry Expertise

We understand the specific situation of a merchant. With our long-term experience in the different merchant industry sectors, we are able to support merchants efficiently and professionally. Here are some examples from different merchant types.

Retail merchants

In retail, implementing PCI compliance can often be complex. Retail requires practical concepts and solutions to minimise the impacts of PCI. We use our experience to help in this context, particularly in relation to new developments in PCI standards, such as the Point-to-Point Encryption Standard. As one of the few certified P2PE auditors, we can provide focused and professional support in this area.

Hospitality

In a hotel, card details are processed, transmitted and saved electronically in many areas: at reception, in the restaurant, when reservations are made through a booking portal or in the central systems of a hotel chain. We are familiar with the specific PCI issues in running a hotel from many projects and can therefore offer the hotel industry a wealth of experience in efficient implementation and achievement of PCI compliance.

E-Commerce

Whether you use the payment page of a payment gateway, maintain server-to-server communication with the provider or process card details in your own back-office systems, we are familiar with the various types of applications involving card detail processing with e-commerce providers and how PCI compliance can be implemented. Make the most of our expertise and let us help you with your PCI projects.

Useful Links

The PCI DSS Standard – catalogue of all requirements of the PCI DSS standard

SAQ Instructions and Guidelines v3.1 – useful information on the self-assessment questionnaires and the classification of merchants

Understanding SAQs for PCI DSS v3 – additional information on the self-assessment questionnaires

Prioritized Approach – useful tool for structured management and implementation of each of the PCI DSS requirements