F.A.Q.

Question:

What was the PCI DSS standard certification introduced for?

Answer:

Companies such as VISA and MasterCard require merchants and service providers that accept customer payments through their payment systems to comply with the PCI DSS standard, so that they have assurance that their clients’ funds are safe.

 

Question:

What is the PCI DSS standard?

Answer:

The PCI DSS standard is a set of security requirements for cardholder data that is stored, transmitted and processed in the information infrastructure of organizations. It contains only 12 clear and detailed requirements, which you can read in the article on our website.

 

Question:

What are the primary objectives of the PCI DSS standard?

Answer:

The primary objectives of the PCI DSS standard are to ensure the security of the network infrastructure and to protect stored cardholder data, as these are the weakest spots and directly threaten loss of confidentiality and money.

The PCI DSS standard regulates the operating rules of payment systems as well as the procedures for their development and monitoring.

 

Question:

What does the PCI DSS standard focus on?

Answer:

The PCI DSS standard focuses on the following aspects:

Cardholder data security.

Secure network construction and further maintenance.

Implementation of rigorous access-control measures.

Vulnerability management and elimination.

Regular network monitoring and testing.

Development of a reliable information security policy.

 

Question:

What enterprises do the requirements of this standard apply to?

Answer:

The PCI DSS standard requirements apply to trading companies, banks, processing centers, call centers, service providers of all kinds, retail stores, payment gateways and other enterprises and organizations that process, transmit or store cardholder data.

 

Question:

How do we determine which businesses need to undergo PCI DSS certification?

Answer:

The PCI DSS standard requirements apply to trading companies, banks, service providers of all kinds, retail stores, call centers, payment gateways and other enterprises and organizations that process, transmit or store cardholder data.

 

Question:

How do we determine whether our company needs to comply with the PCI DSS standard requirements?

Answer:

If your organization stores, processes or transfers payment card data, and its business processes can affect the security of these cards, you can safely say that you definitely need to be certified for compliance with the PCI DSS standard.

 

Question:

What is the cost of the PCI DSS certificate?

Answer:

To answer this question, our specialists need to clarify a number of details specific to your business. For example, the cost is lowest for an online store, while the price will be many times greater for a bank or data center. You can contact us right now at +380 (73) 481 28 61 and receive all the information you need.

 

Question:

What benefits will our company gain from having the PCI DSS certificate?

Answer:

Compliance with the requirements of the international payment systems. If these requirements are not met, fines or denial of service may be imposed.

Reduced risk of confidential information disclosure.

A public reputation for the company’s good name and stable position.

Growth in trust and, accordingly, in sales.

 

Question:

We have a small Hotel & Restaurant business in the Carpathians. Do we also need to complete the PCI DSS certificate?

Answer:

If your organization stores, processes or transmits information about at least one card transaction or cardholder during the year, then you must comply with all of the PCI DSS standard requirements.

 

Question:

I am a travel business owner. Why does my company need the PCI DSS certificate?

Answer:

In 2016, IATA put forward a requirement for all travel companies that work in its online booking system.

This requirement is quite simple: all IATA system participants must undergo mandatory certification for compliance with the PCI DSS standard by March 1, 2018.

Your travel company needs the PCI DSS certificate in order to ensure the security of customers’ data and money during card payments (Visa, MasterCard and so on).

Without this certificate, there is a good likelihood that this data can be seized by intruders in order to steal the funds.

 

Question:

What could be the consequences if a travel agency doesn’t consider it necessary to obtain the PCI DSS certificate?

Answer:

If the travel company or tour operator completes certification according to the PCI DSS standard, it will be able to book and sell flight tickets. After March 1, 2018, IATA will cease to provide its services to all companies that haven’t completed PCI DSS certification.

The consequences of failing to comply with IATA’s requirements are negative: penalties, an increased service commission or a complete shutdown of online booking.

 

Question:

I’m the head of a new trading network. We are going to enter the market within a year. Why does our network need the PCI DSS certificate?

Answer:

Trading networks must comply with the PCI DSS standard requirements on a par with the other participants of the international payment systems.

You can find more details about these requirements by clicking on this link.

If your store makes at least one transaction, you must comply with the PCI DSS standard. This requirement applies to both traditional shops and online stores.

 

Question:

I’m going to set up an online juvenile product store. Do I need the PCI DSS certificate or not?

Answer:

In our practice, the following situation occurred. Representatives of a small online store contacted us with a request to help them complete PCI DSS certification.

The store owners had decided to accept online payments from their customers. To do that, it was necessary to connect the store’s website to the payment system of a large Ukrainian bank.

The first thing the bank did was lay down a mandatory condition: the online store must undergo PCI DSS certification.

You need the PCI DSS certificate, and we’ll help you obtain it in the shortest possible time.
