Skandinaviska Enskilda Banken (publ), SEB Kort AB (Euroline), one of the leading acquiring banks in the Nordic countries, and AmbironTrustWave Ltd., a leading provider of information security and compliance management solutions, are launching a partnership to offer Payment Card Industry Data Security Standard (PCI DSS) compliance services to all Euroline merchants.
PCI DSS is the payment card industry security requirement for entities that process, transmit and/or store cardholder, and encompasses the security standards of all the major card brands – Visa International, MasterCard Worldwide, Discover Network, American Express and JCB. Merchant compliance requirements are segmented into four levels based on the number of transactions a merchant processes annually.
The partnership enables all Euroline merchants to access AmbironTrustWave’s data security services and technology necessary to validate PCI DSS compliance including:
Risk Profiler – AmbironTrustWave Ltd.’s online risk assessment tool enables merchants to identify their risk of a credit card compromise. Through a short questionnaire, merchants obtain a risk score, which is based on several criteria including transaction volume and acceptance channels.
PCI DSS Self Assessment Questionnaire (SAQ) - An approved list of questions about the security controls on a merchant's transaction network. Some of the SAQ is pre-populated based on the merchant’s responses to the Risk Profiler.
Vulnerability Scanning – Through AmbironTrustWave Ltd.’s TrustKeeper, an online risk management portal, merchants are able to launch a remote scan of their transaction network to detect weaknesses that could be exploited by hackers or unauthorized third-parties.
Remediation Recommendations - A Compliance Report includes data gathered from the questionnaire and scan, and outlines actions required to address any vulnerabilities.
On-site Audit - Per PCI DSS regulations, an on site audit is required annually for large or Level 1 merchants.
“This programme represents a total solution for PCI DSS compliance for all Euroline merchants and enables us to mitigate the risk associated with hacking and other online hazards that contribute to credit card theft and fraud,” said Per Åström, CEO Euroline.
Euroline’s portfolio of Merchants will be risk analyzed and placed into TrustKeeper for PCI DSS compliance. Merchants will have access to the self-assessment questionnaire, vulnerability scanning engine, email support and online remediation opportunities.
"With the launch of a program to help merchants protect the credit card data they process and transmit, Euroline has reinforced its position as one of the leading acquiring institutions in Europe,” said Robert McCullen, Chairman and CEO, AmbironTrustWave, the parent company of AmbironTrustWave Ltd. “The partnership between AmbironTrustWave Ltd. and Euroline is a great example of industry leaders working together to provide the latest solutions to protect merchants and consumers."