PCI DSS - Payment Card Industry Data Security Standard

We offer both certification and training for PCI DSS - Payment Card Industry Data Security Standard. Find an upcoming course in your country or request a certification quote.

With the growing trend of payments going cashless and moving into cyberspace, there is a need to secure the environments that accept such ePayments. Adopting relevant standards and best practices can enhance the security and quality of payment systems and make electronic payments secure for all. The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organizations that handle branded credit cards from the major card schemes including Visa, MasterCard, American Express, Discover, and JCB.

What is PCI DSS?

PCI DSS was established to protect cardholder data and to ensure that all companies that process, store or transmit credit card information maintain a secure environment. PCI DSS applies to:

  • Merchants
  • Issuers
  • Service providers, such as ePayments service providers and VANs
  • Acquirers

PCI compliance is a continuous process, where assessment is performed on the following areas:

  • Build and Maintain a Secure Network and Systems
  • Protect Cardholder Data
  • Maintain a Vulnerability Management Program
  • Implement Strong Access Control Measures
  • Regularly Monitor and Test Networks
  • Maintain an Information Security Policy

How can DNV help? 

As a Qualified Security Assessor, DNV can help organizations comply with the PCI DSS standard through a continuous process:

  • Assess: Identifying cardholder data, taking an inventory of IT assets and business processes for payment card processing, and analyzing them for vulnerabilities.
  • Remediate: Fixing vulnerabilities and eliminating the storage of cardholder data unless absolutely necessary.
  • Report: Compiling and submitting required reports to the appropriate acquiring bank and card brands.