• Overview
• Security Risk & Compliance
  • QualysGuard Enterprise
    • Core Features
    • Unique Benefits
    • The SaaS Advantage
    • Integrations
    • Pricing
    • Customers & Awards
  • QualysGuard Express
    • Core Features
    • Unique Benefits
    • The SaaS Advantage
    • Integrations
    • Pricing
    • Customers & Awards
  • QualysGuard @Customer
    • Core Features
    • Unique Benefits
    • @Customer Architecture
    • Integrations
    • Pricing
    • Customers & Awards
• PCI Compliance
• QualysGuard PCI
• Core Features
• Unique Benefits
• How it Works
• The SaaS Advantage
• Pricing
• Customers & Awards
• Partner Solutions

 

 

WHAT

The Payment Card Industry Data Security Standard requires businesses, online merchants, and Service Providers to protect credit cardholder information. The standard was developed by the founding payment brands of the PCI Security Standards Council, including MasterCard, Visa, American Express, Discover and JCB, to help facilitate the broad adoption of consistent data security measures on a global basis. The core of PCI DSS is a group of principles and accompanying requirements:

WHO

The standard applies to all merchants and service providers that transmit, store or process cardholder information, and affects all payment channels, including retail (brick-and-mortar), mail/telephone order and e-commerce.

WHY

Failure to comply can be steep: fines, restrictions, or even permanent expulsion from card acceptance programs. By complying with the requirements, merchants not only meet their obligations to PCI DSS, but also build a culture of security that benefits all parties.

HOW TO VALIDATE COMPLIANCE

To validate compliance, all merchants and service providers, regardless of credit card transaction volume and acceptance channel must fulfill the following validation actions:

Once all validation actions have been performed and are compliant, both Merchants and Service Providers must document and submit proof of compliance to their acquiring banks.

SOLUTION

Failure to comply can be steep: fines, restrictions, or even permanent expulsion from card acceptance programs. By complying with the requirements, merchants not only meet their obligations to PCI DSS, but also build a culture of security that benefits all parties. QualysGuard PCI not only helps you complete the Self-Assessment Questionnaire and Network Scan validation actions, it also allows you to complete the compliance process by submitting compliance status directly to the acquiring through the "auto-submission" feature. If you are a Level 1 Merchant or Service Provider, and need to perform an On-Site Security Audit, you can use a Qualys PCI Consulting Partner to fulfill the requirement.

© 1999 - 2008 Qualys, Inc. All rights reserved.