Cyber Security Specialists 1800 816 044

PCI DSS Compliance

Certification of merchants & service providers to meet PCI DSS Standards

The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure environment.


Vectra specialises in all aspects of PCI DSS compliance including assessments, penetration testing and requirement validation for all types of businesses. We conduct our PCI DSS consulting services in Sydney, Melbourne, Adelaide, Perth, and Brisbane.

We launched our payment card related security compliance services in 2004 through programs with Visa and MasterCard. We then became the first Australian company to be certified as a QSA Company (QSAC) by the PCI Security Standards Council when it was formed in 2006. Since that time we’ve assisted thousands of organisations of all sizes in sectors including retail, financial services, insurance, transport, banking, credit unions, building societies, utilities, gaming, and third-party hosting and service providers.

What is PCI DSS Compliance?

Every organisation that stores, processes or handles payment card data is required to be compliant with the Payment Card Industry Data Security Standard. This standard was designed to increase cardholder data protection and dramatically reduce credit card fraud.

Every company that accepts credit cards, anywhere in the world, needs to comply with the PCI DSS. It doesn’t matter how few transactions you have. It doesn’t matter if all your payments are handled by third-party payment processors. It doesn’t matter if the credit card is never stored on your servers.

PCI compliance is, at its core, a contractual agreement between a company and the financial institution that handles the payments.

How does a business become compliant?

Compliance reporting for small merchants can be as simple as completing a Self-Assessment Questionnaire (SAQ), while for larger merchants and third-party service providers, annual assessments must be conducted by a QSA Company. If you have internet-facing IP addresses, you must conduct network vulnerability scanning utilising an Approved Scanning Vendor (ASV) certified by the PCI Security Standards Council.

How often does compliance need to be validated?

To meet merchant agreements and avoid penalties, acquiring banks will seek PCI DSS compliance reporting on an annual basis and, in some cases, on a quarterly basis.


Vectra PCI DSS Compliance and PCI DSS Assessment Services

PCI DSS Gap Assessment

Payment card industry merchants can prepare for PCI DSS compliance by undertaking a PCI DSS gap assessment. This type of assessment helps to identify, analyse and document any areas of non-compliance with the Payment Card Industry Standard so that the merchant can remediate any issues prior to applying for a PCI DSS compliance assessment.

ASV Scanning Services

ASV (Approved Scanning Vendor) vulnerability scanning is a quarterly requirement for many organisations as part of maintaining their PCI DSS compliance. Vectra provides a web-based portal that can be easily configured to automate the scanning process as required by PCI DSS, or to run scans on an ad-hoc basis when required.

Contact Vectra

Fill out the form and we’ll be in touch as soon as possible or call our team on 1800 816 044.
