Secure networks and systems
A secure network must be maintained, where transactions can be carried out without causing unnecessary inconvenience to cardholders and suppliers.
PCI DSS
PCI DSS
Directive to bolster the security of credit and debit card use
- 5,3 %
- of Sweden’s population were victims of card fraud in 2019
- 3,5 %
- The CNP frauds in Sweden increased in 2019
- 411
- million was lost in card fraud in the EU in 2019
consequences
What are the consequences of non-compliance?
Warning or fine of varying degrees
Withdrawn permission to receive card payments
Obligation to repay affected customers
security requirements
What security requirements are imposed by PCI DSS?
Protected card information
Data such as the card number, card verification code and PIN must always be stored securely, in non-readable form.
Protection against vulnerabilities
Anti-virus, anti-spyware and anti-malware solutions shall be up to date, and new systems and applications shall be developed and maintained with security in mind.
Access control
Access to system information and operations shall be limited and controlled to business "need to know".
Monitoring and testing
Networks and systems must be monitored and tested regularly to ensure that all security measures and processes are in place, are working properly and are kept up to date.
Security policy and other security requirements
A formal information security policy must be established, maintained and adhered to by all parties.
Solutions
How we help you be compliant
BlueSOC
Daily log analysis is required to comply with PCI DSS. From our SOC, activities and incidents are monitored, analysed and managed by our security analysts around the clock.
Audits
When it’s time for an audit, it must be approved by an accredited auditor. As a Qualified Security Assessor (QSA), we can perform PCI DSS Assessments.
Security testing
Regular security testing is a requirement to become PCI DSS compliant. Our penetration testers have extensive experience of testing networks and applications according to the framework.
Advice
We can help you both before and during your journey towards PCI certification: from advice and assistance in implementing controls, to the certification itself.
A few words from one of our customers
“When we met Sentor, we quickly established a good relationship – personal chemistry is extremely important to us. Something else that stood out from other suppliers was their ability to start by determining and communicating the activities that had the greatest effect on our work and that we should therefore prioritise. It became very hands on when we could see an immediate business benefit.”
Contact us
We offer several contact routes and provide feedback as soon as possible. If you have sensitive information, we ask you to use the encrypted method.
+46 8 545 333 00
We answer 24/7info@sentorsecurity.com
For general inquiriessoc@sentor.se
Use our PGP-key