Green Method is the leading provider or PCI-DSS Consulting Services in the UAE. We have an excellent tracking record of taking the companies to compliance within the deadline prescribed by the regulators or the Card Schemes. Method has been particularly successful in helping organizations embarking on their first compliance journey. The first compliance is typically more complex as it requires several process changes to be implemented.
PCI-DSS Compliance is challenging. Any entity handling cardholder data or even supporting other entities handling cardholder data needs to be compliant with PCI-DSS (Payment Card Industry Data Security Standard). Your organization may need to be PCI Compliant and/or Certified. Where do you start? The compliance is complex and extremely comprehensive. This looks daunting!
What you need, is a structured program and approach to PCI. This program must, in manageable capsules, take your organization towards PCI Compliance. This involves ensuring that your processes, technology and people are aligned to the goal (PCI Compliance) and achieve the necessary PCI security requirements. This program must be simple, realistic and fit the organization’s culture and internal processes.
Our Project team of experts including QSAs, Information Security Process Experts, Network Security Experts and Application Security experts managed by proven and qualified project management professional were tasked to provide the best cost effective solution.
We make this really simple for your organization. We take on your organization’s PCI Compliance process as a complete project. We create your Enterprise PCI Program and take you through the structured process that aligns technology, process and people to meet and exceed the challenging PCI Security Requirements. Rest assured, your organization is in good hands. Green Method knows its PCI. Our team has managed PCI Compliance programs for some of the most challenging business environments.
Green Method follows a quick win Methodology that helps organizations to swiftly achieve the compliance.
What is PCI?
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure environment.
The Payment Card Industry Security Standards Council (PCI SSC) was launched on September 7, 2006 to manage the ongoing evolution of the Payment Card Industry (PCI) security standards with a focus on improving payment account security throughout the transaction process. It is important to note that the payment brands and acquirers are responsible for enforcing compliance, not the PCI council.
The PCI DSS applies to ANY organization, regardless of size or number of transactions, that accepts, transmits or stores any cardholder data.
What are the PCI compliance ‘levels’ and how are they determined?
All merchants will fall into one of the four merchant levels based on Visa transaction volume over a 12-month period. Transaction volume is based on the aggregate number of Visa transactions from a merchant Doing Business As (‘DBA’). In cases where a merchant corporation has more than one DBA, Visa acquirers must consider the aggregate volume of transactions stored, processed or transmitted by the corporate entity to determine the validation level. If data is not aggregated, such that the corporate entity does not store, process or transmit cardholder data on behalf of multiple DBAs, acquirers will continue to consider the DBA’s individual transaction volume to determine the validation level.