As a Qualified PIN Assessor (QPA) ControlCase can validate organizations’ compliance to the PCI PIN standard.
ControlCase, a leading provider of IT Security Certifications and Continuous Compliance Services announced its latest achievement – PCI Qualified PIN Assessor. Qualified PIN Assessor (QPA) companies are security organizations that have been authorized by the PCI Security Standards Council (PCI SSC) to validate an entity’s adherence to the PCI PIN Standard. This latest achievement demonstrates ControlCase’s expertise and commitment to partnering with clients and providing comprehensive services that address all aspects of IT governance, risk and compliance.
Version 3.0 of the PCI PIN Security Requirements and Testing Procedures Standard was published August 2018 by the PCI SSC. The Standard was a result of collaboration between PCI SSC and the Accredited Standards Committee (ASC X9) to develop PCI PIN security requirements, which incorporate TR-39 into the existing PCI PIN security requirements; thereby creating a unified standard for all payment stakeholders. The Standard promotes the secure management, processing and transmission of all PIN data at ATMs as well as attended and unattended point-of-sale (POS) terminals. Organizations that demonstrate compliance to the PCI PIN Standard provide confidence to their stakeholders that they are dedicated to the continued integrity of PIN data and to minimizing risk to key generation and operations.
“The Qualified PIN Assessor status positions ControlCase as one of the few organizations that offer a full suite of PCI compliance mandates including PCI PIN, PCI DSS, PA DSS and P2PE,” said Kishor Vaswani, CEO – ControlCase.
“ControlCase’s methodology for PIN Security and Key Management audit includes evaluating the client’s technical, logical and procedural controls against the PCI PIN guidelines and working in partnership to enable secure management, processing and transmission of PIN data during online and offline payment card transactions at ATMs and POS terminals,” said Vaswani.
The collaboration between PCI SSC and ASC X9 to create the PIN Security Standard has been instrumental to acquiring institutions and other organizations (eg: KIF and Certification Processors) that are required to comply with the rules set by both entities.
About ControlCase:
ControlCase is a global provider of certification and continuous compliance services. ControlCase is committed to partnering with clients to develop strategic information security and compliance programs that are simplified, cost effective and comprehensive in both on-premise and cloud environments. ControlCase provides the best experts, customer experience and technology for regulations including PCI DSS, HITRUST, ISO 27001, SOC1, SOC2, PCI PIN, PCI P2PE, PCI TSP, PA DSS, CSA STAR, HIPAA, GDPR and FedRAMP.