The Payment Card Industry Data Security Standard (PCI DSS) was created to increase controls around cardholder data to reduce credit card fraud. Validation of compliance is done annually — by an external Qualified Security Assessor (QSA) for organizations handling large volumes of transactions, or by Self-Assessment Questionnaire (SAQ) for those handling smaller volumes.
Instead has experts in the PCI DSS field who can provide organizations with flexible and tailored PCI DSS consultancy services to meet the requirements of your compliance process without paying for the time of a qualified assessor.
Instead provides consultancy for both Merchants and Service Providers, defined under the Standard as:
- Merchant: any entity that accepts payment cards (Visa, MasterCard, American Express, Discover or JCB) as payment for goods and/or services.
- Service provider: a business entity (not a card brand or merchant) directly involved in the processing, storage, transmission, and switching of transaction or cardholder data (e.g. payment processor), or an entity which provides services to merchants (e.g. managed service providers, hosting providers.)