pciNow! - PCI Certification

PCI DSS

CERTIFICATION

Smooth PCI ride.

What is PCI DSS ?

PCI DSS is a Payment Card Industry Data Security Standard - a set of security requirements for protection of cardholder data.

Six card schemes participate:
Visa, Mastercard, American Express, JCB, Discover and China Union Pay.

Who requires PCI DSS ?

Companies that process, store or transmit payment card data.

Merchants show compliance to their acquirers.

Service Providers (SP) (Banks, Payment Processors) show compliance to card schemes*.

Why get PCI DSS ?

Requirement of card schemes
Requirement of acquirers
Promote your business as payments-secure to customers and partners.

How often ?

You need to renew your PCI DSS compliance annually.

How to get PCI DSS ?

Your path is determined by two questions:

Merchant or Service Provider?
Number of transactions per year?

You either fill-in a questionnaire yourself or get certified by a QSA company.

PCI Data

Cardholder Data:

PAN (primary account number)

Sensitive Authorization Data:

Track or Chip Data
PIN or PIN block
CVV2 (security codes)

PCI Levels (SP)

Levels for Service Providers are set by the card schemes, e.g. Visa, Mastercard. Level depends on annual transactions per card scheme.

Level 1: > 300K (audit by a QSA)
Level 2: < 300K

PCI Levels (Merchants)

Levels are set by the card schemes, e.g. Visa, Mastercard. Level depends on transactions per year.

Level 1: > 6M (audit by a QSA)
Level 2: 1M - 6M
Level 3: 20K - 1M
Level 4: < 20K

PCI DSS 4.0

Total 280 requirements.
64 new requirements:

13 immediate
51 from March 31, 2025

Assessments can be conducted from August 2022.

Most important step.
We make sure your
scope is fully identified.

Scoping

1 day 01

We define applicable
requirements.

PCI Profile

1 day 03

You fix the findings, we
validate them.

Remediation

from 1 day 05

We propose options for
scope reduction:
- less certification efforts
- less money spent

Optimisation

2 days 02

We do assessment together:
- review of documentation
- observation of processes
- interviews

Assessment

1-5 days 04

Congratulations! You are officially PCI DSS compliant! You receive the Attestation of Compliance, or AOC.

Compliance

instant 06

DSS

Professional

You get certified professionals:
in IT Security, in Penetration Testing, in Project Management.

Experienced

More than 400 PCI DSS
assessments.

Responsible

World-known companies
already trusted their PCI
compliance to our team.

Fast

We value your time.
We strive to amaze you
with the speed of the service.

PCI

PCI DSS

Certification

Annual certification with delivery of AOC, ROC. We submit them to Visa and Mastercard.*

PCI 3DS

Certification

We do it. We plan all steps, help understand applicability of requirements. Together we go through the certification process.

PCI PIN Security

Certification

Need to validate your PIN security? We cover transaction processing operation (ATM/POS), Remote Key Distribution, CA/RA and KIF.

Point-to-Point Encryption

Certification

Initial guidance, certification or annual re-validation. Include your Key-Injection Facility to the PCI listing.

ASV scans

Forgot your ASV scan?

PCI-DSS-required quarterly external vulnerability scans are for you. Contact us and get scanned today.

Penetration tests

Want a good deep sleep?

Analyze you your systems. Make sure you are clean. PCI-required pentests: infrastructure and application. Plus phishing, USBs, WiFi and more.

Denis, QSA

Specialization in Business Continuity (BS 25999), Information Security Management Systems (ISO 27001), European Data Protection law, Risk Management System (ISO 31000 and ISO 31100), Security in Finance, Security Investigations.

CISA, ITIL, ISO 27001 Lead Auditor
European Data Protection
Privacy Program Management

Experience: 16 years

Dmitriy, QSA

Specialization in ISO 27001, secure software development, incidents management, threats analysis, development of governance documentation and training manuals, risk assessments.

CISSP, CISM, ISO 27001 Lead Auditor

Experience: 9 years

Vadim, Pentester

Proven penetration testing skills, researcher. Specializes not only on remote attacks, but also on wireless, USB-related, RFID-related, blutooth-related and various physical attacks.

OSCP (Offensive Security Certified Professional)

Experience: 12 years

PCI DSS

CERTIFICATION

PCI DSS

CERTIFICATION

What is PCI DSS

What is PCI DSS ?

Who requires PCI DSS ?

Why get PCI DSS ?

How often ?

How to get PCI DSS ?

PCI Data

PCI Levels (SP)

PCI Levels (Merchants)

PCI DSS 4.0

Certification Path

Scoping

PCI Profile

Remediation

Optimisation

Assessment

Compliance

Why pciNow!

Professional

Experienced

Responsible

Fast

PCI Services

PCI DSS

PCI 3DS

PCI PIN Security

Point-to-Point Encryption

ASV scans

Penetration tests

Our Team

Countries
of Business

Check your country

Contact Us

Thank you!

We will contact you soon.

Something went wrong.

Please send us an email

[email protected]

PCI DSS

CERTIFICATION

PCI DSS

CERTIFICATION

What is PCI DSS

What is PCI DSS ?

Who requires PCI DSS ?

Why get PCI DSS ?

How often ?

How to get PCI DSS ?

PCI Data

PCI Levels (SP)

PCI Levels (Merchants)

PCI DSS 4.0

Certification Path

Scoping

PCI Profile

Remediation

Optimisation

Assessment

Compliance

Why pciNow!

Professional

Experienced

Responsible

Fast

PCI Services

PCI DSS

PCI 3DS

PCI PIN Security

Point-to-Point Encryption

ASV scans

Penetration tests

Our Team

Countries of Business

Check your country

Contact Us

Thank you! We will contact you soon.

Something went wrong. Please send us an email [email protected]

Countries
of Business

Thank you!

We will contact you soon.

Something went wrong.

Please send us an email

[email protected]