In May 2018 the PCI Security Standards Council issued the new PCI DSS v3.2.1 release which laid down additional requirements to be met by organizations which provide payment and security services to third parties. The existing 12 high level and 300+ sub-requirements have been extended with new areas in order to improve payment security. Those requirements need to be validated and confirmed through regular annual PCI DSS assessments in order to extend the PCI DSS certificate.
Asseco SEE is one of the early adopters of PCI DSS v3.2.1, which proves that business continuity, change management, multi-factor authentication, incident management and network security have been subject of our continuous improvement targets in day-to-day business. Ongoing compliance with PCI DSS is critical to maintaining a strong defense against compromises of cardholder data. The Visa Global Registry of Service Providers, located at (www.visa.com/onthelist) acknowledges service providers that have shown their commitment to security by meeting the requirements of the PCI Standard.
Generally, the ACS hosting service complies not only with PCI DSS but also with the PCI 3DS and GDPR requirements. Asseco SEE follows updates in industry standards and strives to implement best practices, project methodologies and customer requirements in order to give our clients the best service possible.