The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard that is mandatory for any organisation that transmits, processes, or stores payment card data. This may be because you are a retailer (Merchant), or provide services to other organisations (Service Provider). ECSC helps Merchants satisfy their bank compliance and reporting obligations, and Service Providers win new business.

In the event of a breach of card data, Merchants are liable for substantial fines, in addition to the inevitable reputation damage and remediation costs that follow; therefore, their own compliance and compliance of their Service Providers is critical.

ECSC was the first UK organisation to achieve PCI DSS Level-1 Service Provider certification for a wide range of IT security managed services.

As Qualified Security Assessors (QSAs), our role is to:

  • Help you understand your PCI DSS compliance obligations and options
  • Support you through a development programme to deploy compliant systems, and remove others from scope
  • Assess you against the standard, either as a Merchant reporting to your bank, or as a Service Provider

We can also support clients in gaining compliance following a breach of card data.

ECSC PCI DSS Managed Solutions

Case Study

PCI Case Study

Understand the challenges some of our clients may face on their journey to PCI DSS compliance, and learn how ECSC can help solve these.

Read Paper

Sign Up

Sign Up For the Latest News, Briefings & Announcements

To understand how ECSC Group plc may use your email address, please view our policy on Privacy and Cookies by clicking here

ECSC Group plc

ECSC has almost two decades' experience in the design, implementation and management of IT security solutions.

Reg No. 3964848

VAT No. 746361914


28 Campus Road
Listerhills Science Park
United Kingdom

+44 (0) 1274 736 223