Wildcard Now a PCI DSS Certified Assessor
Wildcard is now a Payment Card Industry (PCI) Qualified Security Assessor (QSA). Wildcard is an information security service provider with extensive experience across multiple industries. Throughout our history, we have assisted our customers in designing and assessing secure operating environments for various compliance initiatives. Becoming a PCI QSA vendor aligns naturally with our experience and services.
What is PCI Compliance?
The Payment Card Industry Data Security Standard (PCI DSS) is a security standard defined by major credit card vendors that applies to all companies that accept credit card payments. To be in compliance, the vendor must, at a minimum, apply the controls defined by the DSS.
PCI DSS is meant to protect the data of credit and debit cardholders and minimize or eliminate data breaches and other security incidents. The PCI DSS has 12 high-level requirements involving the protection of payment card data during processing, storage, or transmission. To be PCI compliant, entities must maintain secure internal operations, remediate insecure practices, and submit validation and/or compliance reports. Failure to comply with the PCI DSS can result in fines and/or penalties, the severity of which is defined by the individual payment card brands.
What are PCI Compliance Levels?
All vendors fall into one of four PCI merchant compliance levels. Your merchant level is defined by the major card vendors and assigned by the merchant acquirer or bank. The assigned merchant level is determined by the number of transactions that occur over a year.
PCI Compliance Level 1 - The merchant completes greater than 6 million transactions annually, has experienced an attack resulting in compromised card data, or the merchant has simply been deemed level 1 by a card association.
PCI Compliance Level 2 - The merchant completes between 1 million and 6 million transactions annually.
PCI Compliance Level 3 - The merchant completes between 20,000 and 1 million transactions annually.
PCI Compliance Level 4 - The merchant completes fewer than 20,000 transactions annually.
*Any merchant that has suffered a data breach of sensitive card data may be escalated to a higher validation level.*
Due to their high annual processing volumes, Level 1 Merchants must take the greatest efforts to secure the card processing systems. These merchants must complete annual on-site reviews by an auditor and successfully pass required network scans and penetration tests.
Merchant levels 2 through 4 must complete annual assessment questionnaires to validate that they operate in a PCI DSS compliant environment.
The Wildcard Differentiator
Focused On Helping You Meet Deadlines
Wildcard’s compliance auditing framework is based on proven practices and principles that focus on conducting and completing the audit process with precision and expediency. We leverage our tools and processes to streamline the audit to identify gaps and offer remediations.
Wildcard offers a variety of services that align with the requirements associated with the PCI DSS. Wildcard can conduct the vulnerability assessment, penetration testing, and detection of common coding vulnerabilities. We can evaluate your environment to accurately determine the scope of the environment and conduct a gap analysis to address any lagging resources. Each of our services is designed to be integrated and to streamline the audit process for the most accurate and predictable results.
A Partner In Compliance
Wildcard assessors offer a unique blend of compliance, security, and workflow experience to efficiently drive results. We align our efforts with your organizational business objectives. We seek to help you build an environment where compliance boxes are checked because your operating standard is one driven by a secure culture.
Wildcard assessors have experience across multiple industries. We are able to understand the unique challenges facing your organization and are able to evaluate the environment. We can apply DSS standards and compensating controls in the proper context to assist you in your compliance efforts.
A part of Wildcard’s mission is to provide its customers products and services that are transparent and easily understood. Wildcard prepares reports that are concise and delivered in an easily interpretable format.
The PCI QSA is a new designation for Wildcard as an information security service provider. However, it is merely a certification that is now associated with a company that has provided similar services to its customers for 10+ years. We have auditors that provide merchants with extensive experience in assessing environments. Wildcard doesn’t just audit for compliance. We provide an added value to our customers by aligning security with business objectives.