Payment Transaction Security
Protecting Sensitive Credit Card Information
Enhanced security for credit card transactions, greater protection against data theft: following these objectives, the world's leading credit card companies have joined forces and developed a security standard designed to protect sensitive credit card information. In contrast to applicable ISO standards, however, this Payment Card Industry Data Security Standard (PCI DSS or PCI) does not provide recommendations, but binding rules for all trading companies and service providers that process credit card data.
plan42 is your guide to PCI compliance in your organisation, providing you with targeted technical solutions to align your IT infrastructure to PCI requirements, but also offering comprehensive consulting services that lead you to certification.
A kick-off meeting at the beginning of the project serves to clarify your specific objectives, relevant contact persons as well as the schedule for the project.
2 Process Analysis
In the first step of analysis, we focus on your internal processes for credit card information processing and check them for compliance with PCI requirements.
3 Asset Analysis
Subsequently, we analyse your IT infrastructure to identify potential deviations from PCI guidelines.
4 Gap Analysis
Where is action needed? Our gap analysis systematically uncovers any areas of non-compliance.
5 Control Definition
Based on the gap analysis, we work with you to define a collection of controls to establish PCI compliance in your organisation. This collection includes, as required, both organisational measures and technical solutions.
Our consultants will support you through all stages of implementation, including activities such as the prioritisation of controls, the development of an IT security guideline or the implementation of technical solutions.
Upon implementation, we conduct a pre-audit to verify the effectiveness of the new controls and to make sure you are perfectly prepared for PCI certification audits and self assessments.
And what can we do for you?
Would you like to learn more about our services regarding PCI? Please feel free to contact us.