PCI-DSS – secure standard for credit card data

In 2005, the international card organisations agreed on the Payment Card Industry (PCI) Data Security Standard (DSS). The PCI-DSS defines a uniform procedure for implementing the security requirements for secure storage and management of credit card data. The PCI data protection standards summarise the testing requirements of the programs operated by VISA (Account Information Security - AIS) and MasterCard (Site Data Protection - SDP). Thanks to the common uniform standards, merchants and payment service providers (PSPs) can complete the certification process for both card systems in a single pass. In detail, PCI-DSS contains 12 security requirements, which are explained in the Payment Card Industry (PCI) Data Security Standard.

Services offered by achelos in and around PCI-DSS

Services for PCI-DSS:

  • Security assessment of computer networks on the basis of the PCI-DSS requirements
  • Drafting security concepts for migration of computer networks to comply with PCI-DSS
  • Implementation of the security concepts:
    • Secure identification of authorised users
    • Protection of the saved data of credit card holders using a suitable encryption method
    • Encrypted transfer of credit card holder data in public networks
    • Access protection mechanisms for the purpose of restricting access to credit card holder data
    • Logging all access to network resources and credit card holder data
  • Drafting company guidelines with stipulations on information security for employees and contractual partners
  • Quality assurance
  • Project management
  • General consulting around PCI-DSS

Holger Volke

Technical Director


+49 5251 14212-302