Payment Gateways and Payment Processors
Ensure compliance to standards with protection of data and safe and secure transactions
PCI standards mandate compliance for all enterprises with cardholder agreements, including their service providers like Payment Gateways and Processors.
A ‘service provider’ is any firm handling cardholder data, including Payment Gateways and Processors. The definition is expanding to include third parties managing key controls, fostering security discussions and enhancing transparency.
Level 1 service providers need an independent assessment and Attestation of Compliance (AOC) for listing by card brands. Panacea InfoSec can help meet Visa and MasterCard requirements. Level 2 providers, processing fewer than 200,000 transactions annually, must comply with Payment Industries standards. They can self-complete a Self Assessment Questionnaire (SAQ) or opt for external assessments for an AOC. Panacea InfoSec can assist in choosing the best validation method.
Stay ahead of the evolving data breach and cybercrime landscape.