PCI DSS Standard Compliance Services

On-Site Technology provides PCI DSS Standard Compliance services, including SAQ A, SAQ A-EP, SAQ B-IP, SAQ C-VT, & SAQ C.

History of PCI DSS Standard


PCI DSS Standard (Payment Card Industry Data Security Standard) is a global standard that establishes technical and operational criteria for protecting credit card payment data. The PCI Security Standards Council (PCI SSC) issued version 4.0 of the PCI Data Security Standard (PCI DSS) on March 31, 2022. The PCI DSS is a global standard that establishes a baseline of technical and operational standards for protecting account data.

PCI DSS Standard Compliance

PCI DSS Standard v3.2.1 has been upgraded v4.0


PCI DSS Standard v4.0 replaces PCI DSS version v3.2.1 to address emerging threats and technologies better and provide innovative ways to combat new threats. After v4.0 was launched, PCI DSS v3.2.1 will be operational for two years. This transition period from March 2022 to March 31, 2024 is intended to provide organizations with time to familiarize themselves with the changes in PCI DSS. In addition to the transition period when PCI DSS v3.2.1 and v4.0 will be active, organizations must implement new requirements identified as best practices in PCI DSS v4.0 by March 31, 2025.

Who is Subject to PCI DSS?


PCI DSS Standard requirements apply to all system components, including people, processes and technologies included in the cardholder data or cardholder data environment, and to the storage, processing or transmission of card data linked to that environment that accept credit cards. All organizations that accept credit cards are required to meet a total of 12 PCI DSS requirements. Compliance requirements vary depending on the type and volume of transactions carried out by the company and are determined by the acquiring bank.  Layered cybersecurity services for your organization assist in fulfilling these requirements.

The 6 Control Objectives

Build and maintain a secure network and systems

Protect cardholder data

Maintain a vulnerability management program

Implement strong access control measures

Regularly monitor and test networks

Maintain an information security policy

PCI DSS Standard Compliance
Compliance Services

The 12 Requirements for Compliance


The PCI DSS Standard twelve requirements for building and maintaining a secure network and systems can be summarized as follows:

Installing and maintaining a firewall configuration to protect cardholder data

Changing vendor supplied defaults for system passwords and other security parameters

Protecting stored cardholder data

Encrypting transmission of cardholder data over open, public networks

Protecting all systems against malware and performing regular updates of anti-virus software

Developing and maintaining secure systems and applications

Restricting access to cardholder data to only authorized personnel

Identifying and authenticating access to system components

Tracking and monitoring all access to cardholder data and network resources

Testing security systems and processes regularly

Assistance with audits

Maintaining an information security policy for all personnel

Requirement Declaration


It defines the main description of the requirement. The endorsement of PCI DSS is done on the proper implementation of the requirements.

Testing Processes


The processes and methodologies carried out by the assessor for the confirmation of proper implementation.



 It explains the core purpose of the requirement and the corresponding content which can assist in the proper definition of the requirement.


Find out more about our PCI DSS Standard compliance services today.

    Your Name (required)

    Your Email (required)


    Your Message

    Sign Up to Our Newsletter

    Sign Up to Receive Weekly Specials