Secure networks and systems
A secure network must be maintained, where transactions can be carried out without causing unnecessary inconvenience to cardholders and suppliers.
PCI DSS
PCI DSS
Directive to bolster the security of credit and debit card use
Since the advent of e-commerce and digital transactions in society, card details have been a highly sought-after by cyber criminals, and so-called CNP (card not present) fraud is now the type of fraud that is increasing most in this country. To curb the growth of card fraud around the world, the PCI DSS framework was established to strengthen the security of credit and debit card use. The standard is backed by the five major credit card companies, Mastercard, Visa, JCB, Discover and American Express.
- 5,3 %
- of Sweden’s population were victims of card fraud in 2019
- 3,5 %
- The CNP frauds in Sweden increased in 2019
- 411
- million was lost in card fraud in the EU in 2019
consequences
What are the consequences of non-compliance?
Warning or fine of varying degrees
Withdrawn permission to receive card payments
Obligation to repay affected customers
security requirements
What security requirements are imposed by PCI DSS?
Protected card information
Data such as the card number, card verification code and PIN must always be stored securely, in non-readable form.
Protection against vulnerabilities
Anti-virus, anti-spyware and anti-malware solutions shall be up to date, and new systems and applications shall be developed and maintained with security in mind.
Access control
Access to system information and operations shall be limited and controlled to business "need to know".
Monitoring and testing
Networks and systems must be monitored and tested regularly to ensure that all security measures and processes are in place, are working properly and are kept up to date.
Security policy and other security requirements
A formal information security policy must be established, maintained and adhered to by all parties.
Solutions
How we help you be compliant
Advisory services
We can help you both before and during your journey towards PCI certification: from advice to active support.
BlueSOC
Daily log analysis is required to comply with PCI DSS. From our SOC, activities and incidents are monitored, analysed and managed by our security analysts around the clock.
Security testing
Regular security testing is a requirement to become PCI DSS compliant. Our penetration testers have extensive experience of testing networks and applications according to the framework.
A few words from one of our customers
“When we met Sentor, we quickly established a good relationship – personal chemistry is extremely important to us. Something else that stood out from other suppliers was their ability to start by determining and communicating the activities that had the greatest effect on our work and that we should therefore prioritise. It became very hands on when we could see an immediate business benefit.”
Contact us
We offer several contact routes and provide feedback as soon as possible. If you have sensitive information, we ask you to use the encrypted method.
+46 8 545 333 00
We answer 24/7info@sentorsecurity.com
For general inquiriessoc@sentorsecurity.com
Use our PGP-key