In the Netherlands, digitization of payments is commonplace, and total amounts as well as transaction volumes are on the rise. Unfortunately, criminals focus their attention on where the money is. Whereas previously this was physical banknotes, today's focus seems to lie on electronic money.
Organizations need to take adequate measures to keep payment card details safe and so avoid financial loss and reputational damage. The payment card schemes also require this. One of the methods the card schemes have jointly instigated is a package of security measures for organizations that store, process or transmit card information. These requirements are bundled into a security standard known as the Payment Card Industry Data Security Standard (PCI DSS).
Depending on the number of transactions or stored credit card information, organizations must complete a self-assessment questionnaire or involve a qualified party that investigates whether the card information is sufficiently protected.
Qualified Security Assessors (QSAs) are trained to verify that companies have taken adequate security measures to ensure the safety of credit card information. These experts have extensive knowledge in the field of information security and are continuously screened and trained.
We have eight certified QSAs that specialize in performing PCI DSS audits and advising clients in the field of information security.
Once you store, transmit or process card information, you are required to comply with PCI DSS.
As an (online) organization, you are compliant if your processes and systems store, process and transmit the credit card information in a secure manner. You want to avoid breaches that cause your customers to lose confidence in your organization and possibly leave.
When your customers feel safe, they often make repeat purchases and recommend you to others.
You can prevent card fraud and thus fines, or even exclusion by one of the card schemes.
If you meet all the requirements, you will receive a certificate that shows third parties and visitors that you comply with PCI DSS.