PCI DSS (Payment Card Industry Data Security Standard) is the security standard for organizations that process, store, or transmit card data. MICAN.ro offers PCI DSS compliance testing, ASV scanning, and penetration testing according to PCI DSS v4.0 for companies in Romania.
PCI DSS is a mandatory standard for any company that accepts card payments (Visa, Mastercard, Amex). Current version PCI DSS v4.0 (March 2022) defines 12 requirements and 400+ security controls organized into 6 objectives: Build and Maintain a Secure Network, Protect Cardholder Data, Maintain Vulnerability Management, Implement Strong Access Control, Monitor and Test Networks, Maintain Information Security Policy. Companies in Romania must demonstrate annual compliance through Self-Assessment Questionnaire (SAQ) or Report on Compliance (RoC) + annual Penetration Testing + quarterly ASV scanning.
MICAN.ro offers PCI DSS services for companies in Romania: PCI DSS Gap Analysis (current compliance evaluation), quarterly ASV Scanning (external vulnerability scanning by PCI SSC approved vendor - in partnership), annual Penetration Testing (requirement 11.4 - internal and external testing according to PCI DSS Penetration Testing Guidance), Segmentation Testing (CDE isolation validation - Cardholder Data Environment), Internal Security Assessment (RoC requirement simulation), Remediation Support (control implementation assistance). Important: online stores and payment processors in Romania must be PCI DSS compliant to process card payments.
PCI DSS is mandatory and non-negotiable for: online stores (e-commerce), payment processors/gateways, any company that stores/processes/transmits card data. PCI DSS non-compliance leads to: hefty fines from card brands ($5,000-$100,000/month), loss of right to process cards, liability for card fraud, massive reputation damage. A PCI DSS breach costs an average of $3.9M + fines. Companies in Romania must understand that PCI DSS is not optional - it is a contractual requirement with the acquiring bank.