First published in 2004 and administered since 2006 by the PCI Security Standards Council (PCI SSC), the Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to protect cardholder data, and therefore cardholders, from theft. Although the validation requirements differ between small and large businesses, every organisation that stores, processes or transmits card data, including any company that accepts card payments through a payment gateway, must comply with PCI DSS.
One common misconception is that small companies that do little business online do not have to abide by these rules. In fact it is just as important for a small company to adhere to PCI DSS, perhaps even more so. The reason is simple: the card brands and acquiring banks can impose fines on any company that violates PCI DSS, regardless of its size, and those penalties have a far greater impact on a small company than on a large one.
A business found to be in violation of PCI DSS can expect a fine in the region of five thousand pounds, and when card data is stolen from a non-compliant site the company will normally be held financially responsible for the resulting losses. Of course, PCI DSS does not make a site 100 percent secure, and breaches still occur on sites that comply. The difference is that a company able to demonstrate it was compliant at the time of the breach can substantially reduce, and often avoid, that financial liability.
How does a company become compliant? There are three basic validation tools used to demonstrate PCI DSS compliance. The first and most common is the Self-Assessment Questionnaire (SAQ). Every merchant that sells over the internet and is eligible to self-assess must complete an SAQ at least once a year. There are several versions of the questionnaire, chosen according to how the company accepts and handles card data (for example, whether payment pages are fully outsourced to a third party), so it is important to select the right one.
Next there is the external vulnerability scan. The scan is only required for companies that have externally facing, in-scope systems, such as a public web server or payment page. Because these systems are directly exposed to attack, the scan must be performed by an Approved Scanning Vendor (ASV) listed by the PCI SSC, at least quarterly and after any significant change to the environment.
Lastly, there are Qualified Security Assessors (QSAs). These trained and certified professionals examine your systems and processes against the standard, and can also verify that you have completed the SAQ correctly. If they find no outstanding issues, the QSA produces a Report on Compliance and signs an Attestation of Compliance (AOC), which the company then submits to its acquiring bank or merchant service provider.
