Compliance

Compliance Services

pic_services_compliancePSC is qualified globally as:

  • PCI Qualified Security Assessor (QSA)
  • PCI Payment Application Qualified Security
    Assessor (PA-QSA)
  • Point to Point Encryption Qualified Security
    Assessor (P2PE QSA)
  • Point to Point Encryption Payment Application Qualified Security Assessor (P2PE PA-QSA)
  • Approved Scanning Vendor (ASV)

Payment Card Industry Data Security Standard (PCI DSS)

The PCI DSS aligns the Visa International Account Information Security (AIS) program, the Visa USA Cardholder Information Security Program (CISP), MasterCard Site Data Protection (SDP) program, American Express Data Security Operating Policy (DSOP) and Discover Information Security and Compliance (DISC) streamlining requirements, compliance criteria and validation processes.

All Merchants, Financial Institutions, Processors, and Service Providers that store, process, or transmit cardholder data must be PCI compliant.

Find out more about PCI DSS Services


Payment Application Data Security Standard (PA-DSS)

The goal of PA-DSS is to help software vendors and others develop secure payment applications that do not store prohibited data, such as full magnetic stripe, CVV2 or PIN data, and ensure their payment applications support compliance with the PCI Data Security Standard (PCI DSS).

Find out more about PA DSS Services


Point to Point Encryption (P2PE)

The PCI Security Standards Council has released new assessment standards relating to hardware-based point-to-point encryption (P2PE) services. These services, provided by acquiring processors and payments gateways, utilize PCI Point of Interaction (POI) validated terminals to provide encryption of cardholder data from the retail establishment through to the acquirer. By implementing one of these solutions, a merchant may reduce the scope of their PCI DSS assessments, and significantly reduces risk of compromise of cardholder data.

Find out more about P2PE Assessment


Penetration Testing (Internal and External)

The purpose of penetration testing is to footprint, enumerate and potentially exploit vulnerabilities in web application(s) and network infrastructure using automated tools and manual mechanisms, above and beyond what simple automated scanning tools can achieve.

Network and application penetration tests are different from vulnerability scans in that penetration tests are more manual. They attempt to actually exploit some of the vulnerabilities identified in scans, and follow practices used by hackers to take advantage of weak security systems or processes.

Find out more about Internal and External Penetration Testing Services


Vulnerability Scanning

Security scans assist in the identification of vulnerabilities and mis-configuration of web sites, applications, and information technology (IT) infrastructures with Internet-facing IPs.

Find out more about Vulnerability Scanning Services


Visa Security Assessment Services for Visa Inc. Vendors

  • PSC is approved as a Verified by Visa (VbV) and 3-D Secure Assesor for Visa Inc.
  • PSC is certified as a Card Production Logical Security, Physical Security and Over the Air Assessor Company for Visa Inc.
  • PSC is certified as a Visa/PCI PIN Assessor

Find out more about Visa Security Assessment Services


PCI PIN/TR-39 (TG-3) Assessment

Various audits are required by payment networks and brands to validate proper PIN security and key management practices. These audits include Visa’s PIN audit and the TR-39 (TG-3) audit utilized by NYCE, PULSE and STAR. All entities handling PINs or cryptographic keys used in PIN processing must complete a PCI PIN / TR-39 (TG-3) Assessment and provide reporting of compliance to the appropriate networks.

Find out more about PCI PIN/TR-39 (TG-3) Assessment Services


EI3PA Assessment

PSC provides customers desiring compliance with the Experian Independent 3rd Party Assessment (EI3PA) with a Report on Compliance (ROC) and an EI3PA certification. An EI3PA assessment is an assessment of an Experian Reseller’s ability to protect the information purchased from Experian.

Find out more about EI3PA Assessment Services


 

Contact us for more information