PCI DSS QSA

What is a PCI QSA?

The Payment Card Industry Security Standards Council (PCI SSC) operates an exacting programme for security companies and their employees wishing to become Qualified Security Assessors (QSAs). Those who do qualify are then able to assess merchants for compliance against the “12 principles” of the Data Security Standard.

Any security company wishing to certify as a QSA company must ensure that they comply with the requirements of the PCI SSC.

Boxing Orange is proud to be a PCI QSA company.

Why should I use a QSA and when?

Any organisation, either Merchant or Service Provider, which stores, processes or transmits Cardholder Data (CHD) is required to comply with the PCI Data Security Standards (DSS). To help you do this, you can employ the services of a QSA company.

A merchant’s acquiring bank will confirm the appropriate compliance level that needs to be adhered to, and any specific or additional requirements outlined by the Payment Brands.

Currently, all Level 1 merchants, some Level 2 merchants and Level 1 service providers must have an on-site assessment carried out by a PCI qualified assessor on an annual basis, and provide a Report on Compliance to their acquiring bank.

How do I become compliant?

The process varies depending upon the systems used by the merchant, their allocated merchant level, their existing security posture and PCI compliance status.

Service Providers must complete their annual renewal process prior to the expiry of the current certification, or they will be removed from the list of Compliant Service Providers, which could result in a significant loss of revenue.

The requirements are very clear. A merchant or service provider cannot be partially compliant – they either are compliant or they are not. There is no middle ground.

As a PCI QSA company, we can help you ensure your compliance is never in question.


For further information, please contact one of our PCI DSS specialists on 0113 232 2330 or email pci@boxingorange.com.