Interested in PCI DSS?
Your Compliance is our main Priority
Our objective is to provide you with prompt and practical advice to achieve compliance in the shortest time possible and without unnecessary costs. We have assisted hundreds of clients. Let us know how we can help you.

What is PCI DSS?

PCI DSS is the Payment Card Industry Data Security Standard, developed by the Payment Card Industry Security Standards Council (PCI SSC) in conjunction with the card schemes. It defines a specific list of requirements for ensuring the security of payment card data, affecting both the organizational and technical side of companies.

 

Does this concern me?

The PCI DSS standard defines the requirements for enterprises whose information systems:

– store, process or transmit payment card data.

– can in any way affect the security of this confidential payment information.

All organizations involved in the processing of payment cards MUST comply with the regulations contained in this document.

What are my benefits?

New Market Opportunities

A PCI DSS certification represents high quality and adherence to world best practices. A PCI DSS certificate also opens the way to new markets, as PCI DSS is an international standard.

Data Security

PCI DSS helps you achieve a minimum level of security to guarantee the safety of customer data in relation to external threats.

Consistent and Secure Operations

Conversely, not having certification could preclude you from being able to do business with those entities that mandate certification.

New Partnerships

The ability to work with any payment systems and easily find and create new partnerships.

Avoiding Fines

Building security processes in the company reduces the risks of hacking, data theft and subsequent fines.

Image and Trust

To a client, the PCI DSS badge signals a really high level of card data security.


Process Steps and Results

We’re proud that our company offers a full one-stop solution for clients searching for cyber security support. With us you’ll never feel insecure.

01

Free Consultation

  • A call or meeting with our specialists at a time convenient to you.
  • During the session, we determine what types of certification you need.
  • We sign a non-disclosure agreement (NDA).
  • After that, questionnaires are filled out with basic information about processes, systems and employees to better understand the scope.

02

Scoping

  • After the contract is signed, we establish a PCI DSS Scope Definitions document
  • We provide recommendations on the organization and construction of an information system
  • We perform a gap analysis

03

Recommendations

  • Recommendations and assistance in resolving material issues
  • Implementation of information security processes
  • Implementation of information technology and information security processes
  • Risk assessment
  • Development of documentation for IT / IS process management
  • Conducting staff training on PCI DSS requirements

04

Carrying out Periodic Technical Tests

  • Scan for wireless Wi-Fi networks – quarterly
  • Network segmentation test – twice a year
  • Internal vulnerability scans – quarterly
  • External ASV scan for vulnerabilities – quarterly
  • Internal review of PCI DSS compliance – quarterly
  • External penetration test – once a year
  • Internal penetration test – once a year
  • Research of vulnerabilities and modeling of attacks on wireless Wi-Fi networks – once a year

05

Final Audit of Compliance

  • Full support during the audit process
  • We provide you with our final reports and certification
  • Post-audit support
  • Support for annual recertification

Our Related Services

Penetration Testing
A penetration test attempts to carry out an analysis of your infrastructure just like a hacker would. We are in a position to provide black box and white box testing as well as internal and external testing. The pentest can also cover social engineering attacks.
Scanning ASV
Another service we can provide is Web Application Scanning, which is an automated test specifically targeted for application vulnerabilities. This test is based on a small subscription charge and allows you to conduct unlimited tests on your application, a valuable resource for your developers.
PCI DSS SAQ Self-Assessment Questionnaire
This service is intended for merchants and service providers with low transaction volumes. As part of the service, Kyte Global experts provide assistance in conducting conformity assessment with the completion of the PCI DSS SAQ.
Compliance as a Service (CaaS)
Kyte has come up with a service that encompasses all those tasks that are often forgotten or else not carried out in a timely fashion. This service, which is termed Compliance as a Service, sees Kyte working with your team to make sure no requirement is left out.
E-Learning
We are constantly improving our skills and knowledge to provide the best courses for our clients. Our courses are tailored to your needs. You can learn from any place across the globe. Our pricing is always extremely competitive. All courses are prepared by experts in the industry.
GDPR
Organizations both inside and outside the EU/EEA that collect and process information on individuals in the EU/EEA must comply with the GDPR. Kyte offers a complete consultancy service to ensure organisations satisfy all legal and technical requirements to comply with the Regulation.
3DSecure
Kyte is also validated as a PCI 3DS assessor and can provide Issuers, Acquirers as well as Processors with certification under the PCI 3DS Standard. This certification applies to all those entities who operate under the EMVCo specification.


PCI DSS Worldwide

Kyte Global has been providing a wide range of audit and consulting services for information security since 2006. Amongst our clients one finds international companies such as banks, online casinos, manufacturing, trade, construction companies, non-profit organizations and many others. Kyte Global was the first company in Malta to receive QSA and ASV status, giving the right to perform PCI DSS certification audits and external ASV scans. Over the past 14 years, our experts have completed more than 400 PCI DSS compliance and certification projects for banks, independent processing centers, service providers, data centers and merchants around the world.


What Our Customers Have to Say

At Seitatech, we have enjoyed working with Kyte. The engagements are typically very smooth, they are always ready to adjust to our schedules and provide excellent support during the assessments. Thank you for helping us to obtain our PCI DSS certification and your continuous efforts to improve our security posture. It is a great collaboration!
Mikko Laaksonen, CTO, Seitatech
Kyte Global is providing us with information security solutions. We are pleased to work with them as they are very customer centric and their problem-solving approach and capabilities were beyond our expectations. We definitely recommend them to anyone looking for cyber security consultancy and solutions.
Matthew Sciberras, Director of Information Security, Betsson Group
Apcopay's attainment of our yearly PCI DSS Level 1 Certification is a crucial component of our payments processing business. Kyte’s thorough work, throughput, constant assistance and eye for detail contributed significantly to how we manage, and approach our certification and maintain our standards with our various stakeholders. We have nothing but positive feedback on the entire end to end process. From the onset, they were reliable, supportive and extremely approachable and have been so for the last 6 years. We are looking forward to growing our business relationship with Kyte in the years to come.
Daniel Buttigieg, Manager, Apco Pay
Kyte have proven themselves to be a perfect consulting partner for our organisation, often going beyond their remit. Their handling of our penetration testing and PCI DSS certification was extremely professional on all accounts and the Kyte team was always close at hand to assist where necessary. I would highly recommend them in the consulting services space.
Ozzy Knox, CIO, Intergiro

Frequently Asked Questions

This is what people are usually asking us. If you want to discuss one of these topics with us or you have other questions please contact us for your free consultation!

Full certification or an SAQ?

This usually depends on the Acquirer. Service providers are usually required to undergo a level 1 onsite assessment. The validation method for a merchant is usually dependent on the volume of transactions processed. Any entity processing 6 million transactions and over needs to carry out an onsite assessment, as an SAQ would not be adequate.

Is an SAQ easier than a full certification?

This depends on whether you are even eligible for an SAQ or not. If you are eligible for an SAQ, you would need to determine which SAQ is right for you, based on the nature of your credit card processing. For the sake of this question, it is pertinent to note that an SAQ D contains all of the requirements that are requested for an onsite assessment and consequently the same effort is required to comply. The only difference is that an onsite assessment requires an audit, which involves detailed testing by your QSA. The plus side is that for the same effort, an onsite assessment results in a certification whereas an SAQ does not.

Request Your Free Consultation

If you would like to discuss your project with us, we will be happy to schedule a call at a time convenient to you.


Author: Desiree Cassar