The PCI DSS is a set of comprehensive requirements for enhancing payment account data security. It was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa International, to help facilitate the broad adoption of consistent data security measures on a global basis.
Deloitte can provide expert security services assisting organisations with preparing for PCI-DSS assessments and remediating any findings.
Any merchant, acquirer, issuer bank, and service provider that processes, stores or transmits credit or debit card data, and any party connected to them may need to comply.
If you do any of the following, you may need to adhere to PCI-DSS requirements:
Non-compliance may lead to a charge being levied by card issuers. If the company's non-compliance has compromised cardholder data, the company may lose the right to take credit card payments, followed by fines and forensic investigations.
The standard covers IT systems and components, including servers, applications and databases throughout the transaction process. It also applies to the manual processes and procedures that are an integral part of any successful security and fraud management solution.
Deloitte offers PCI-DSS services in the following areas:
Accurately determining and documenting the different credit card capture points, and the footprint of credit card storage within an organisation’s business processes, systems, applications and networks, is one of the key activities of PCI DSS assessments.
Deloitte can provide PCI Data Discovery and identification services to clients assisting with identifying the following:
Achieving PCI Compliance is a complex and comprehensive process. It requires an organisation to demonstrate controls around people, process and technology.
Deloitte can assist clients with PCI Gap Analysis services to help an organisation with the following:
Deloitte provides a detailed Gap assessment report as part of this offering.
Security testing of web-facing applications such as e-commerce gateways, shopping carts and other processing facilities is a requirement of PCI DSS. Deloitte has extensive expertise in web application security and code assessments.
For more information on web application security services, please see our web application security offering.