PCI DSS


The Challenge
Merchants, service providers and software vendors are already recognising that there is a real competitive advantage to be gained from being PCI compliant, and they face increasing pressure from customers and banking partners.

Increased fraud and identity theft involving stolen credit card data led to the formulation of the PCI standard to stem losses by the card providers and improve consumer confidence. Where cardholder data is compromised, merchants unable to demonstrate compliance with the standard may now be liable for losses that arise from the security breach.

Beyond compliance, there are real business risks to brand, customer loyalty and corporate reputation if payment data is not securely managed. In addition, merchants who have not complied with the standard face the prospect of substantial fines imposed by the card schemes should a security breach occur.


Our Approach
Our proven approach will guide you through each step of the certification process, from initial scoping, gap analysis, remediation, right through to the final assessment and certification. Outlined below are the key activities, deliverables and milestones to ensure you achieve PCI compliance in the most effective way.

As your PCI compliance partner, Comsec is able to guide your organisation through the entire PCI certification process. Our approach to PCI & PA compliance draws on years of experience and successful collaboration with over 100 companies across the globe.

Comsec’s dedicated team of QSA-certified professionals has the expertise and knowledge to ensure the resources and costs associated with PCI compliance are kept to a minimum. Our unique advantage stems from Comsec’s ability to provide the end-to-end support and guidance you require to achieve PCI compliance while remaining product agnostic.

PCI Security Services
Comsec provides a turn-key approach for compliance with the PCI security standards, including PCI DSS, PA-DSS, P2PE, ASV, PTS, Visa PIN Security, Card production, and more. Our services range from general PCI consulting, to full scale, turn-key compliance and certification, including:
• PCI DSS Compliance: Scoping and Initial Report on Compliance, Onsite assessment and PCI DSS Certification, PCI environment design, Remediation and compliance maintenance work-plans.
• P2PE Compliance: Initial Report on Compliance, Certification and Approval, Remediation and compliance work-plans.
• P2PE: Scoping and Initial Assessment, P2PE Solution Approval and Certification.
• PCI Compliance for mobile solutions and applications.
• Professional PCI Security Implementation (Cloud environment, Auditing, Security solutions, and more).
• PCI and security training and awareness.
• Security Testing (Penetration Testing, ASV scans, Internal VA Scans, Code review, Firewall review, formal Risk Assessment, and more).


PCI Compliance Process

PCI Service Benefits
• Our team of dedicated PCI consultants and certified QSAs allows us to deliver a turn-key project, with a focus on reducing complexity and bottlenecks, improving efficiency and speed, and minimizing costs.
• Comsec possesses vast experience with the payment card industry and its different entities (Service Providers, Acquirers, Card Brands, PSPs, Gateways, etc.).
• Comsec is an active participant in PCI SSC working groups and special interest groups (SIGs).
• Comsec manages compliance programs for leading security standards and best practices such as ISO 27001, ISO 27799, HIPAA, SOC 1/SSAE 16/ISAE 3402, ITIL, Cobit, and others.
