The Payment Card Industry Data Security Standard (PCI DSS) is a multifaceted security standard that includes requirements for information security management, policies, procedures, network architecture, software design and other critical controls. This comprehensive standard is intended to help organizations proactively protect customer account data.
In general, PCI DSS applies to all merchants and services providers that process, transmit, or store credit card sensitive data. This includes every component of the payment chain, from the bank to merchants, and the processors and service providers in between.
The PCI DSS standard has 12 requirements for compliance, under 6 different areas categories:
- Build and Maintain a Secure Network
- Protect Cardholder Data
- Maintain a Vulnerability Management Program
- Implement Strong Access Control Measures
- Regularly Monitor and Test Networks
- Maintain a policy that addresses information security
Evolution is an accredited PCI QSA (Qualified Security Assessor), providing the full range of QSA services, including Pre-assessment, Consultation and Remediation, Audit, and on-going Compliance Management. Our clients covers a wide range of industry within the payment chain, including but not limited to:
- Major banks and financial institutes
- Card Processors
- Multi-national retail groups
- Insurance companies
- Payment gateways
- Telecommunication providers and datacenters
Our blueprint of delivering PCI QSA services have enabled our clients in achieving and maintaining multi-year compliance status, and have won us the Most Valuable Hong Kong Companies Awards for 2015 and 2016, two years in a row.
Our unmatched experiences would help you tackle every challenge in achieving PCI compliance..