¿PCI DSS?

PCI DSS Data Security Standard for the Payment Card Industry (Payment Card Industry Data Security Standard) or PCI DSS, is an international standard developed by a committee made up of the most important card (debit credit) companies, committee called PCI SSC (Payment Card Industry Security Standards (Council).

It serves as a guide for the implementation of security policies and controls in order to prevent fraud involving debit and credit payment cards.

To organizations that process, store and/or transmit cardholder data (or cardholders).

Companies that process, store or transmit card data must comply with the standard or risk losing their permissions to process credit and debit cards (Loss of franchises), face rigorous audits or payment of fines, Merchants and service providers credit and debit card services, must periodically validate their compliance with the standard.

Certification is not necessarily required of companies that have certain characteristics, such as monthly transaction amounts, if they store cardholder data, among others. On the other hand, although it is true that not all organizations must necessarily be certified as having a business relationship with a provider or client that is PCI certified, they must comply with certain applicable controls according to the categorization of their business.

Each of the payment brands associated with the PCI SSC (Visa, MasterCard, American Express, Discover and JCB) classify their merchants (merchants and service providers) according to the number of annual transactions processed with their cards. For this, 4 levels of compliance have been defined (Level 1 to Level 4), where each payment brand specifically establishes the transaction threshold at each level, which may vary depending on the geographical region where the organization operates.

Each of the payment brands associated with the PCI SSC (Visa, MasterCard, American Express, Discover and JCB) classify their merchants (merchants and service providers) according to the number of annual transactions processed with their cards. For this, 4 levels of compliance have been defined (Level 1 to Level 4), where each payment brand specifically establishes the transaction threshold at each level, which may vary depending on the geographical region where the organization operates.

If you are interested in our PCI DSS Audit services, fill out the form and one of our technical advisors will contact you as soon as possible to assess your requirements and help you size a proposal according to your needs.