PCI DSS
CERTIFICATION
Smooth PCI ride.
What is PCI DSS?
PCI DSS is the Payment Card Industry Data Security Standard: a set of security requirements for the protection of cardholder data.
Six card schemes participate: Visa, Mastercard, American Express, JCB, Discover and China Union Pay.
Who requires PCI DSS?
Companies that process, store or transmit payment card data.
Merchants show compliance to their acquirers.
Service Providers (SP) (Banks, Payment Processors) show compliance to card schemes*.
Why get PCI DSS?
- Requirement of card schemes
- Requirement of acquirers
- Promote your business as payments-secure to customers and partners.
How often?
You need to renew your PCI DSS compliance annually.
How to get PCI DSS?
Your path is determined by two questions:
- Merchant or Service Provider?
- Number of transactions per year?
You either fill in a questionnaire yourself or get certified by a QSA company.
PCI Data
Cardholder Data:
- PAN (primary account number)
Sensitive Authorization Data:
- Track or Chip Data
- PIN or PIN block
- CVV2 (security codes)
PCI Levels (SP)
Levels for Service Providers are set by the card schemes, e.g. Visa, Mastercard. Level depends on annual transactions per card scheme.
- Level 1: > 300K (audit by a QSA)
- Level 2: < 300K
PCI Levels (Merchants)
Levels are set by the card schemes, e.g. Visa, Mastercard. Level depends on transactions per year.
- Level 1: > 6M (audit by a QSA)
- Level 2: 1M - 6M
- Level 3: 20K - 1M
- Level 4: < 20K
PCI DSS 4.0
Total 280 requirements.
64 new requirements:
- 13 immediate
- 51 from March 31, 2025
Assessments can be conducted from August 2022.
Certification Path
01 Scoping (1 day)
Most important step. We make sure your scope is fully identified.
02 Optimisation (2 days)
We propose options for scope reduction:
- less certification efforts
- less money spent
03 PCI Profile (1 day)
We define applicable requirements.
04 Assessment (1-5 days)
We do assessment together:
- review of documentation
- observation of processes
- interviews
05 Remediation (from 1 day)
You fix the findings, we validate them.
06 Compliance (instant)
Congratulations! You are officially PCI DSS compliant! You receive the Attestation of Compliance, or AOC.
Why pciNow!
Professional
You get certified professionals:
in IT Security, in Penetration Testing, in Project Management.
Experienced
More than 400 PCI DSS assessments.
Responsible
Well-known companies have already trusted their PCI compliance to our team.
Fast
We value your time. We strive to amaze you with the speed of the service.
PCI Services
PCI DSS Certification
Annual certification with delivery of AOC, ROC. We submit them to Visa and Mastercard.*
PCI 3DS Certification
We do it.
We plan all steps and help you understand the applicability of requirements.
Together we go through the certification process.
PCI PIN Security Certification
Need to validate your PIN security?
We cover transaction processing operation (ATM/POS), Remote Key Distribution, CA/RA and KIF.
Point-to-Point Encryption Certification
Initial guidance, certification or annual re-validation. Include your Key-Injection Facility in the PCI listing.
ASV scans
Forgot your ASV scan?
PCI-DSS-required quarterly external vulnerability scans are for you. Contact us and get scanned today.
Penetration tests
Want a good deep sleep?
Analyze your systems. Make sure you are clean. PCI-required pentests: infrastructure and application. Plus phishing, USBs, WiFi and more.
Our Team

CISA, ITIL, ISO 27001 Lead Auditor
European Data Protection
Privacy Program Management
Experience: 16 years

CISSP, CISM, ISO 27001 Lead Auditor
Experience: 9 years

OSCP (Offensive Security Certified Professional)
Experience: 12 years
Countries of Business
We operate in 124 countries across Europe and the CEMEA region.