What is PCI DSS?

PCI DSS is the Payment Card Industry Data Security Standard, developed by the Payment Card Industry Security Standards Council (PCI SSC) in conjunction with the card schemes. It defines a specific list of requirements for ensuring the security of payment card data, affecting both the organizational and technical sides of a company.

 

Does this concern me?

The PCI DSS standard defines the requirements for enterprises whose information systems

– store, process or transmit payment card data.

– can in any way affect the security of this confidential payment information.

All organizations involved in the processing of payment cards MUST comply with the regulations contained in this document.

What are my benefits?

New Market Opportunities

A PCI DSS certification represents high quality and adherence to world best practices. A PCI DSS certificate also opens the way to new markets, as PCI DSS is an international standard.

Data Security

PCI DSS helps you achieve a minimum level of security to guarantee the safety of customer data in relation to external threats.

Consistent and Secure Operations

Conversely, not having certification could preclude you from being able to do business with those entities that mandate certification.

New Partnerships

The ability to work with any payment systems and easily find and create new partnerships.

Avoiding Fines

Building security processes in the company reduces the risk of hacking, data theft and subsequent fines.

Image and Trust

The PCI DSS badge for a client means a really high level of card data security.

Your 1st Consultancy

With Us is FREE!

Process Steps and Results

We’re proud that our company offers a full one-stop solution for clients searching for cyber security support. With us you’ll never feel insecure.

01

Free Consultation

  • Call / meeting with our specialists at a time convenient for you
  • During the session, we determine what types of validation or certification you need
  • We will answer all your questions and explain the entire process to you
  • We sign a non-disclosure agreement (NDA)
  • After that, questionnaires are filled out with basic information about processes, systems and employees so that we can better understand the scope and provide you with a proposal

02

Scoping

  • After the contract is signed, we embark on a scoping exercise. This is carried out by understanding the flow of data, the systems in place and the internal processes. During this stage we also attempt to reduce the scope as much as possible to reduce the complexity of the project.
  • We will provide recommendations for implementing some of the requirements. This may be the implementation of specific tools or a change in the design of the infrastructure to simplify compliance.
  • We perform a gap analysis

03

Recommendations

  • Recommendations and assistance in resolving material issues
  • Implementation of information security procedures
  • Implementation of information technology and information security processes
  • Risk assessment
  • Development of documentation for IT / IS process management
  • Conducting staff training on PCI DSS requirements

04

Carrying out Periodic Technical Tests

  • Scan for wireless Wi-Fi networks – Quarterly
  • Network segmentation test – Twice a year
  • Internal Vulnerability Scans – Quarterly
  • External ASV scan for vulnerabilities – Quarterly
  • Internal Review of PCI DSS Compliance – Quarterly
  • External penetration test – Once a year
  • Internal penetration test – Once a year
  • Research of vulnerabilities and modeling of attacks on wireless Wi-Fi networks – Once a year

05

Certification

  • Full support during the audit process
  • Access to our audit platform so that you can monitor progress and exchange information with the QSA
  • We provide you with our final reports and certification
  • Post audit support
  • Support for annual recertification

PCI DSS Worldwide

Kyte Global has been providing a wide range of audit and consulting services for information security since 2006. Amongst our clients one finds international companies such as banks, online casinos, manufacturing, trade, construction companies, non-profit organizations and many others. Kyte Global was the first company in Malta to receive QSA and ASV status, giving the right to perform PCI DSS certification audits and external ASV scans. Over the past 14 years, our experts have completed more than 400 PCI DSS compliance and certification projects for banks, independent processing centers, service providers, data centers and merchants around the world.

Frequently Asked Questions

This is what people usually ask us. If you want to discuss one of these topics with us, or you have other questions, please contact us for your free consultation!

This usually depends on the Acquirer. Service providers are usually required to undergo a level 1 onsite assessment. The validation method for a merchant is usually dependent on the volume of transactions processed. Any entity processing 6 million transactions and over needs to carry out an onsite assessment, as an SAQ would not be adequate.

Request Your Free Consultation

If you would like to discuss your project with us, we will be happy to schedule a call at a time convenient for you.
