PCI Certification and Testing for Payment Systems Security

What is PCI Certification?

Payment Card Industry (PCI) Certification ensures the security of data from payment cards at your establishment/business through requirements established by the PCI Security Standards Council (PCI SSC). These 12 requirements include many well known best practices, such as:

1. Install and maintain a firewall
2. Use unique, custom passwords for systems and other security parameters
3. Protect and limit access to stored cardholder data
4. Encrypt transmission of cardholder data
5. Install anti-virus software/programs and keep it updated
6. Create and maintain systems and applications that are secure
7. Restrict access to cardholder data
8. Unique IDs should be assigned to each person with computer access
9. Restrict physical access to cardholder data
10. Monitor all access to cardholder data and network resources
11. Test security systems and processes regularly
12. Maintain an information security policy for all personnel

The PCI Security Standards Council is a global forum for the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection.

Benefits of PCI Certification

PCI compliance helps build trust while giving peace of mind to customers that your business is safe to transact with. In this fast-paced and hectic world, cashless payment solutions help individuals speed up their day-to-day transactions. Securing the technology used to enable those transactions is essential to ensuring trust in the payment solutions as well as the company they're doing business with. PCI Certification puts security first while helping to prevent potentially costly data breaches. 

Intertek's PCI Certification Solutions

As a global centre of excellence for the testing of Payment Systems Security, Intertek has been conducting compliance testing for payment terminals since 2003 across a wide range of national and international standards. Intertek’s services help clients launch products into the exciting field of e-commerce and digital payments while mitigating security risks and confidently meeting industry standards.

Intertek evaluates secure payment devices against a suite of industry security standards to ensure that they adequately mitigate potential security vulnerabilities and meet industry standards. Secure payment devices range from Encrypting PIN Pads, Secure Card Readers, Hardware Security Modules (HSMs), and more. Intertek is an accredited security testing lab which is able to offer a wide range of PCI certifications against standards and national bodies such as the PCI SSC PTS Program, PCI SSC SPoC and CPoC Programs, and AusPayNet, among others.

With connectivity and interoperability at the forefront the modern payment landscape, Intertek is well positioned to provide our customers with a wide range of offerings such as electrical safety testing, vulnerability assessments, penetration testing, and CTIA authorized testing among others, making Intertek the one-stop shop for Payment Systems Security testing.

As a total quality assurance provider for all manner of payment devices, Intertek works with our customers to test and certify your products to sell to your customers within the connected world. Intertek continues to expand the scope of evaluation to further support customers as they navigate the ever-changing e-commerce ecosystem.

Intertek offers the complete range of services to launch connected payment systems and devices:

Hardware Pre-assessment

Rest assured that your products are being designed with the right physical security controls in place from the start and avoid costly re-designs and unexpected delays to product certification.

Document Preparation

With our long history of product evaluation, Intertek can help identify and respond to gaps in documentation required in order to demonstrate compliance.

Software Pre-assessment

Submit products for testing with the confidence that the software design and functional implementation will meet industry standards. This testing can include tests such as source code review, interface fuzzing, and side-channel analysis of cryptographic operations.

Full Assessment

Submit your product for a full end-to-end assessment against industry requirements such as PCI SSC PTS with the confidence that Intertek’s expert evaluators will work with you to ensure a secure and compliant product.