
Credit cards and security standards.

PCI DSS

What is it about?
Without credit cards, eCommerce would hardly be possible. But how can the security of data and transactions be ensured? How can the risk of fraud be combated?

The Payment Card Industry Security Standards Council (PCI SSC), the security council created by the leading names in the industry, has issued various regulations for the security of electronic payments; the best known is the Payment Card Industry Data Security Standard (PCI DSS), aimed at sellers and operators who manage credit card data in the course of their transactions.

Certified assistance
CryptoNet Labs, accredited as a Qualified Security Assessor by PCI SSC, is able to support companies through the compliance process with a modular offering.

In particular, the intervention of CryptoNet Labs consultants provides:

  • identification of the perimeter of application of the standard (CDE or cardholder data environment);
  • verification of the initial situation and definition of the adaptation plan;
  • organisational and technological consultancy to implement the requirements and understand the new features introduced by new versions of the standard;
  • assistance to the customer in the self-certification process by means of Self Assessment Questionnaires (SAQs) suitable for the customer’s infrastructure;
  • execution of the certification visit (onsite audit) for entities that cannot or do not wish to use self-certification, and compilation of the Report on Compliance (RoC) and the Attestation of Compliance (AoC);
  • performance of the audits, vulnerability assessments and penetration tests required for certification;
  • dedicated training;
  • support in signing up with the service providers approved by the various brands.

Who can benefit from it?
For merchants and service providers that process credit card data or offer services that require certification, it’s a modular and streamlined path that includes all the necessary activities.