IT security and compliance specialist Galix Networking has obtained certification in two more payment card industry (PCI) standards – PCI point-to-point encryption (P2PE) Assessor, and Card Production and Provisioning as Card Production Security Assessor (CPSA).
These extra certifications enable Galix auditors to cater to a wider range of client requirements, while simplifying compliance with the PCI DSS standard.
Simeon Tassev, MD of Galix Group, says rounding out his organisation’s PCI certification and audit capabilities helps them to provide a more holistic service to customers.
“This is a niche market in Africa and in SA in particular, and we are among the few organisations to provide this type of service locally. The P2PE standard ensures that appropriate encryption standards are in place across the payment card chain to protect sensitive payment data, from the physical point of sale device through to the bank.”
He says the PCI DSS standard has more than 240 controls that need to be put into place, but if the merchant makes use of a certified P2PE solution, there are fewer than 25 that need to be considered.
The CPSA standard enables Galix auditors to certify the entire payment card process from manufacturing and production through to provisioning and personalisation, Tassev adds.
“The moment a card has a chip in it and is linked to a bank, there is risk and potential for fraud, which makes security imperative. This has become increasingly important as new payment methods like virtual cards become more commonplace, as these must still adhere to stringent security standards even though there is no physical card.”
He says point-to-point encryption is becoming a global best practice standard and ensuring that solutions used are certified not only protects customers and their information, but simplifies other compliance processes.
Share