Crafted to augment and promote cardholder data security and to implement a standardized global data security measures, the PCI Data Security Standard (DSS) applies to all entities that store, process, and/or transmit account data. These entities include merchants, service providers (e.g. payment gateway, processor), issuers and acquirers who accept or process account data.
With 12 foundational requirements categorized into six general overviews, the process of becoming compliant can be overwhelming as methods used to validate compliance differ between entities, depending on their size and the method of card acceptance.
UL provides services concerning PCI DSS such as assessment, pre-assessment, and consultancy. Our trained Security Engineers work with product developers to provide an efficient evaluation of their Point of Interaction (POI) devices, and our effective approach has allowed us to be one of the leading PCI device security laboratories.
UL is also the only Approved Application Scanning Vendor Validator (ASVV) and Consumer Electronic Clearing System Approved Evaluation Facility.