ABOUT US
CAREERS
RESOURCES
BLOG
CONTACT

SUITE OF SERVICES

SOC EXAMINATIONS
ISO CERTIFICATIONS
PAYMENT CARD ASSESSMENTS
FEDERAL ASSESSMENTS
CLOUD SECURITY ASSESSMENTS
HEALTHCARE ASSESSMENTS
CSA STAR PROGRAMS
PRIVACY ASSESSMENTS
CYBERSECURITY ASSESSMENTS
FINANCIAL SERVICES ASSESSMENTS

RESOURCES

SOC RESOURCES
ISO RESOURCES
PAYMENT CARD ASSESSMENTS RESOURCES
FEDERAL ASSESSMENTS RESOURCES
SECURITY ASSESSMENTS RESOURCES
HEALTHCARE ASSESSMENTS RESOURCES
CSA STAR PROGRAMS RESOURCES
PRIVACY ASSESSMENTS RESOURCES

ABOUT US
CAREERS
SERVICES

ALL SERVICES
SOC EXAMINATIONS
ISO CERTIFICATIONS
PAYMENT CARD ASSESSMENTS
FEDERAL ASSESSMENTS
SECURITY ASSESSMENTS
HEALTHCARE ASSESSMENTS
CSA STAR PROGRAMS
PRIVACY ASSESSMENTS

BLOG
CONTACT

All Services
Payment Card Assessment

PAYMENT CARD ASSESSMENT

PCI DSS, PA-DSS, and PCI P2PE Validations

TALK WITH A SPECIALIST RESOURCES

Webinar Replay: PA-DSS and App Security

Security risks associated with payment applications have never been greater or more publicized. Get expert insight into PA-DSS and application penetration testing, the requirements, where they apply, how they play a role in securing payment applications and much more.

DOWNLOAD THIS RESOURCE

PCI DSS VALIDATION

The PCI DSS applies to all entities, both service providers and merchants, that store, process, and/or transmit cardholder data. It covers technical and operational system components included in or connected to cardholder data. Our professionals utilize the current PCI DSS including the testing methodology, prioritized approach, quality assurance standards, and other reporting procedures set forth by the PCI Council.

LEARN MORE

PA-DSS VALIDATION

A PA-DSS validation ensures payment authorization security. The standards for authorization are maintained by the PCI Security Standards Council. A PA-DSS Qualified Security Assessor, Schellman provides a thorough payment application review so you can be sure your technology is PA-DSS compliant. Testing can occur both on-site or from one of Schellman's laboratories.

LEARN MORE

PCI P2PE VALIDATION

P2PE makes payment card data unreadable — and less valuable — until it reaches a secure decryption environment. Protect your company and your customers' data with a P2PE Qualified Security Assessor like Schellman. Our experts provide your company with validation of its secure hardware-based point-to-point encryption solutions. Schellman provides both QSA and PA-QSA P2PE services.

LEARN MORE

GET MORE FROM YOUR

PAYMENT CARD ASSESSMENT

Our experts can help you make the most out of your payment card assessment by providing scoping assessments, readiness assessments, and on-site validations

SCOPING ASSESSMENT

Schellman will conduct interviews and review network, data flow documentation, and configuration information to help the client determine where cardholder data may exist. Additionally they will review network diagrams and configurations to identify segmentation utilized to reduce the scope of an assessment and document and confirm the scope for a subsequent PCI annual on-site validation.

READINESS ASSESSMENT

Schellman will evaluate proposed architectures for alignment with the PCI and perform a high-level review of key controls in place. They will identify gaps and provide feedback on common “problem areas” for PCI including encryption, application development, logging, and policy management.

ANNUAL ON-SITE VALIDATION

Schellman will conduct a thorough assessment against the current PCI DSS based on a defined testing methodology and quality assurance standards.They will issue a formal Report on Compliance (ROC) and Attestation of Compliance (AOC) for PCI assessments and Reports of Validation (ROV) and Attestations of Validation (AOV) for PA-DSS and P2PE enagements.

TALK WITH ONE OF

OUR SPECIALISTS

Our Schellman teams have experience performing hundreds of PCI validations.
We’re here to answer any questions.

ABOUT CONTACT PRIVACY