PCI DSS Certified Assessor
Wildcard is an information security service provider with extensive experience across multiple industries. Wildcard is also certified as a Payment Card Industry (PCI) Qualified Security Assessor (QSA). Throughout our history, we have assisted our customers in designing and assessing secure operating environments for various compliance initiatives. Our PCI security services can assess your systems and help your company implement standards for creating secure payment solutions and becoming a PCI approved merchant.
Wildcard doesn’t just audit for compliance. We provide an added value to our customers by aligning security with business objectives.
What is PCI Compliance?
The Payment Card Industry Data Security Standard (PCI DSS) is a security standard defined by major credit card vendors and applies to all companies that accept, process, store or transmit, credit card information. PCI DSS is meant to protect the data of credit and debit card holders and prevent data breaches and other security incidents. PCI DDS compliance is important because it not only protects your customers' card information, but also your reputation as a trustworthy retailer. Compliance with PCI DSS will only continue to grow in importance as e-commerce continues to expand.
In order to be in compliance the vendor must apply at least the minimum controls defined by the DSS standard.
Failure to comply with the PCI DSS can result in fines and/or penalties, the severity of which is defined by the individual payment card brands.
Merchant Compliance Levels
All vendors fall into one of four PCI merchant compliance levels. Your merchant level is defined by the major card vendors and assigned by the merchant acquirer or bank. The assigned merchant level is determined by the number of transactions that occur over a year.
PCI Compliance Level 1 - The merchant completes greater than 6 million transactions annually, has experienced an attack resulting in compromised card data, or the merchant has simply been deemed level 1 by a card association.
PCI Compliance Level 2 - The merchant completes between 1 million and 6 million transactions annually.
PCI Compliance Level 3 - The merchant completes between 20,000 and 1 million transactions annually.
PCI Compliance Level 4 - The merchant completes fewer than 20,000 transactions annually.
*Any merchant that has suffered a data breach of sensitive card data may be escalated to a higher validation level.*
Due to their high annual processing volumes, Level 1 Merchants must take the greatest efforts to secure the card processing systems. These merchants must complete annual on-site reviews by an auditor and successfully pass required network scans and penetration tests.
Merchant levels 2 through 4 must complete annual assessment questionnaires to validate that they operate in a PCI DSS compliant environment.
PCI DSS Requirements
The PCI DSS has 12 high-level requirements involving the protection of payment card data during processing, storage, or transmission. To be PCI compliant, entities must maintain secure internal operations, remediate insecure practices, and submit validation and/or compliance reports.
Chart retrieved from www.pcisecuritystandards.org
The Wildcard Differentiator
A Focus On Helping You Meet Deadlines
Wildcard’s compliance auditing framework is based on proven practices and principals that focus on conducting and completing the audit process with precision and expediency. We leverage our tools and processes to streamline the audit to identify gaps and offer remediations.
One-Stop Shopping
Wildcard offers a variety of services that align with the requirements associated with the PCI DSS. Wildcard can conduct the vulnerability assessment, penetration testing, and detection of common coding vulnerabilities. We can evaluate your environment to accurately determine the scope of the environment and conduct a gap analysis to address any lagging resources. Each of our services are designed to be integrated and to streamline the audit process for the most accurate and predictable results.
A Partner In Compliance
Wildcard assessors offer a unique blend of compliance, security, and workflow experience to efficiently drive results. We align our efforts with your organizational business objectives. We seek to help you build an environment where compliance boxes are checked because your operating standard is one driven by a secure culture.
Wildcard Experience
Wildcard assessors have experience across multiple industries. We are able to understand the unique challenges facing your organizations and are able to evaluate the environment. We can apply DSS standards and compensating controls in the proper context to assist you in your compliance efforts.
Transparency & Clear Communication
A part of Wildcard’s mission is to provide its customers products and services that are transparent and easily understood. Wildcard prepares reports that are concise and delivered in an easily interpretable format.