Payment Gateways and Payment Processors
Ensure Compliance with Payment Card Industry Data Security Standards
PCI standards mandate compliance for all enterprises with cardholder agreements, including their service providers like Payment Gateways and Processors, to ensure adherence to Payment Card Industry Data Security standards.
A 'service provider' is any firm handling cardholder data, including Payment Gateways and Processors. The definition is expanding to include third parties managing key controls, fostering Payment Card Industry Security discussions and enhancing transparency.
Level 1 service providers need an independent assessment and Attestation of Compliance (AOC) for listing by card brands. Panacea InfoSec can help meet Visa and MasterCard requirements and ensure adherence to Payment Card Industry Data Security standards.
Level 2 providers, processing fewer than 200,000 transactions annually, must comply with Payment Card Industry Security requirements. They can self-complete a Self Assessment Questionnaire (SAQ) or opt for external assessments for an AOC. Panacea InfoSec can assist in choosing the best validation method.
Stay ahead of the evolving data breach and cybercrime landscape.