We want to help you, as a valued Paystri customer, meet the mandated requirements regarding the safe handling of credit card data.
Paystri has strategic partnerships that provide straightforward processes for achieving compliance. Our PCI DSS compliance program is managed by PCI Council Approved Scanning Vendors (ASV) that provide easy-to-use tools to reduce the complexity of achieving compliance.
As a Paystri customer, you are automatically enrolled in a PCI DSS compliance program.
Steps needed to fulfill PCI DSS compliance:
- Determine PCI DSS level — Determine your number of annual transactions and compare it to the requirements of each card brand you support.
- Map the flow of cardholder data — Include applications, systems, and people who work with card data. All card payment platforms and storage systems that hold card data must be included. This is typically completed with the assistance of your IT staff.
- Complete the Self-Assessment Questionnaire (SAQ) — Paystri offers several different resources, depending on the unique needs of your business. Email our Customer Success team at service@paystri.com to learn more.
- Complete the Attestation of Compliance (AOC) — This document differs according to the PCI DSS compliance level of your business. The AOC ensures that you have fulfilled every PCI DSS compliance step.
- Conduct a vulnerability scan — Scan for security vulnerabilities and make sure you meet all standards. You can decide if you need an Approved Scanning Vendor (ASV) based on the results of your SAQ.
- Submit documents — You may need to submit documents including AOC, SAQ, and ASV reports to banks, card brands, etc.
- Monitoring — Your business, its infrastructure, and the data you store may change with each security scan. Therefore, it's necessary to monitor compliance continuously. There should be a security team responsible for monitoring and responding to vulnerabilities and threats.
Learn more at the PCI Security Standards Council's website.
Still Have Questions?
We're here to help.