With the introduction of a wave of new Eurozone regulation to protect customer data including:

  • the European Banking Authority (EBA) guidelines for minimum security requirements for PSPs across the EU
  • the European Commission’s Payment Services Directive 2
  • the EC’s General Data Protection Regulation.

the regulatory approach to card payments, especially in Europe, is forcing a shift in risk management approaches from voluntary to mandated compliance. How these pieces of legislation interact and align with PCI DSS is complex and may have significant impact for all participants in the card payments business.

So how can merchants, PSPs and acquirers keep up with potentially conflicting EU regulations at the same time as implementing a PCI Program? How do you deal with rapidly evolving payment technologies, new programs such as PCI P2PE V2 and the challenges of picking the best approach to meet your requirements.

Is it even possible to integrate new payment channels securely into existing business models? Is P2PE the silver bullet that everyone hopes it is? How can acquirers and service providers understand the best approach and explain it to the merchant base where security awareness may be low? How do you shift the model to not only achieve initial compliance, but ensure that it can be maintained in a cost effective and pragmatic manner?

We are here to help our clients with solutions to their issues. We can provide you with bespoke consultancy in adhering to multiple PCI Standards including:

  • PCI DSS
  • PCI P2PE
  • PCI PIN

We work closely with our clients and their QSA Company to ensure that clients take appropriate measures to maintain compliance with PCI DSS.

We can also assist our clients with meeting the requirements of P2PE and ensure a smooth process to achieving certification for their solutions.