PCI certification

We had to implement and certify a new environment under the updated PCI DSS standard within a very tight timeline. Coordinating across multiple teams and systems was a significant challenge as well as implementing the new requirements.

The pciNow team was a real partner throughout the process. They guided us through the technical and compliance changes, provided practical tools and templates and were always quick to respond when questions came up. Their proactive approach kept us confident and on track from start to finish.

With pciNow' support, we achieved PCI DSS certification for our new infrastructure on schedule and without findings. Just as importantly, their availability to answer questions year-round, not only during formal assessments, has been incredibly valuable. Having that ongoing support gives us peace of mind and helps us stay ahead.

pciNow! Is a game changer. pciNow! is the order you’ve been desperately looking to find in the chaos and wasn’t able to find and order, goes both ways; there’s order in chaos and where there’s chaos, you need to find order. pciNow! will find it!

They believe and practice old-school concepts, with a refreshed and modernized view. “How so?” you may ask.

By applying Keep-It-Simple-Sam (😊) techniques when analyzing your Business to first of all truly understand it and from there, to be able to identify those applicable requirements, then, by applying modern concepts to streamline the overall audit process and break it down in a way that e v e r y o n e understands it and can participate in. Not just the “techies”, but everyone who should be involved in the process. And PCI is a process not only for the “techies”, but an enabler first and foremost for the Business.

pciNow! has been the only one so far that was able to put things into true perspective from a Project Management point of view. By incorporating the 5xW’s and 1xH that you might have heard of or studied in your university days but might have quickly put aside, by incorporating the 7xC’s of effective Business communication, by putting everything into a drawing as “a picture is worth a thousand words”, by finding that “X” factor to help you understand.

By acting as a consultant rather than as an auditor the whole time, by helping you understand they’re an enabler of the Business, rather than someone dictating to the Business what the Auditor believes the Business should be doing.

pciNow! has helped us make PCI a process we’re looking forward to every year. Everyone knows what to expect and when things will be delivered. No surprises. And things are delivered.

Definitely, highly, totally, unconditionally recommended to say the least.

For over a decade our company has been supplying services which require being certified against PCI frameworks. Being assessed by a QSA could cause an impact on our daily work during the off-site and on-site parts of an audit. To prevent that, we have implemented an integrated control framework that covers the risks and controls that are inherent to our business, including the PCI DSS requirements. Thus our test dossiers aim to contain the majority of evidence necessary for audits.

Our pciNow! auditor, Dmitry Arsentyev, acknowledged our way of verifiably remaining compliant throughout the year. Moreover, he is the kind of auditor that assesses in the level of information security. As a result the outcome of the audits also provides input for our continuous improvement drive. As coordinator of the audits on our domain, it is my experience that with pciNow! the audits are interesting and useful.

We needed a quick, but comprehensive and full scope PCI DSS and 3DS audit for our SaaS environment that’s serving 70+ banks across EU. pciNow offered the whole package we needed, while being responsive, well spoken, VERY organized and making the whole process as simple as possible without skimping on security and precision which was very important for us.

We completed the audit successfully and continued to cooperate and even extending the scope of the audit to other parts of our group. The most important part is that pciNow is with us through the whole year, not only during the audit period.

Achieving PCI DSS Level 1 certification for both Uphold and Optimus Cards was a critical milestone for our business—but finding a partner who truly understood our operational complexity, compliance obligations, and pace was a challenge. We needed a provider who was not only professional and knowledgeable, but also agile and flexible under pressure.

pciNow proved to be exactly that partner.

From day one, pciNow maintained consistent, clear, and proactive communication with our team. They demonstrated a deep understanding of the PCI DSS framework and took the time to walk us through each requirement, helping to translate complex controls into actionable tasks specific to our environment. When issues arose, they didn’t just identify them—they worked side-by-side with our internal teams to resolve them, offering pragmatic guidance and timely support throughout the remediation process.

Thanks to pciNow’s expertise and collaborative approach, we achieved and continue to maintain the highest level of PCI DSS compliance. Not only did they help us meet our certification goals on time, but they also strengthened our internal security posture in the process. Their support has been instrumental in enabling Uphold to operate with confidence in a regulated environment.