PCI DSS Compliance

Secure card payments

The Payment Card Industry Data Security Standard (PCI DSS) was set up to ensure businesses process card payments securely. The standard protects cardholder data by implementing thorough controls around how cardholder data is stored, transmitted and processed.

Who is PCI DSS compliance for?

  • Every business and organisation that stores, transmits or processes cardholder data needs to be compliant with PCI DSS.
  • There are differing requirements, depending on your payment card environment, scope and the number of transactions your business carries out.
  • It's worth noting that if you suffer a data breach and you aren't PCI compliant, you may be subject to fines and liable for the fraud losses incurred against the card data lost.

How does it work?

  • We start with a PCI DSS scope analysis (often called a gap analysis) to determine your level of compliance and any further requirements needed to meet PCI DSS compliance.
  • We will advise and assist with any remediation work needed to meet the standard.
  • Finally, we will carry out your assessment and complete the necessary reports and questionnaires as required.

Why be PCI DSS compliant?

  • Whether you store, process or transmit card details, PCI compliance is mandatory.
  • Be confident that you are handling credit card payments in a compliant way, and promote trust with your customers
  • You may be liable for non-compliance fines if you fail to submit your annual PCI DSS compliance attestation
  • If you suffer a data breach while you are not compliant with PCI DSS, you could be subjected to card breach fines, ICO fines, reputational damage and possible legal action