Industry solutions
PCI Compliance Services
TELUS PCI Complaince services help you meet the Payment Card Industry Data Security Standards.
You need to comply with the Payment Card Industry Data Security Standards (PCI-DSS) when storing, processing or transmitting credit card data. These standards have been designed to demonstrate the industry's commitment to deliver high levels of security in protecting the integrity of cardholder data.
If one or more of the PCI-DSS requirements are not met, organizations can face punitive measures such as fines, revocation of the privilege to process credit, and non-issuance of a compliance certificate. The risks of not achieving PCI compliance include loss of credibility, damage to your reputation, and even business closure.
Our TELUS PCI compliance services meet the broad needs of the business community:
Merchants - Complete the Self Assessment Questionnaire (SAQ) online and have it validated, automate vulnerability scans, and have a Qualified Security Assessor (QSA) on-site for PCI-DSS Assessments
Merchant Acquirers - Manage your merchant PCI requirements
Service Providers - Provide your merchants with PCI-compliant services
Payment Application Vendors – Provide your merchants with secure payment applications that do not store prohibited data
TELUS has Qualified Security Assessors (QSAs) and Payment Application Assessors (PA-QSAs) located across the country. If weaknesses are detected during your PCI compliance assessment, the TELUS team of security professionals can be engaged to provide expert security consulting to remedy the problems identified. Our security professionals can provide you with PCI compliance services, including:
- PCI Scanning and SAQ Validation - Getting a PCI Certificate. Access to TELUS PCI Portal to run automated PCI scans and respond to the appropriate SAQ based on your business nature. Applicable for all Merchants
- On-Site PCI Assessments - Getting a successful Report on Compliance (ROC). Applicable for level one Merchants, level 1 & 2 Service Providers and level 2 - 4 Merchants (optional)
- PCI Remediation Services - Addressing PCI-DSS gaps. Applicable to all Merchants and Service Providers
- Payment Application Data Security Standard (PA-DSS) Assessment - Provide Secure Payment Applications. Applicable to Software Vendors
Why TELUS
Your Requirements
- Remote PCI scan and validation of Self Assessment Questionnaire (SAQ)
Service Description
All merchants are required to complete an annual Self-Assessment Questionnaire (SAQ) based on the PCI Data Security Standards and in most cases, have it validated by a Qualified Security Assessor (QSA). Also you must undergo a vulnerability scan once every quarter . These services have to be provided by a QSA and an Approved Scanning Vendor (ASV).
TELUS is both a QSA and an ASV. We are pleased to offer online services for completing the SAQ, validation, and performing automated vulnerability scanning through our TELUS PCI Portal.
Offerings
- Online PCI Portal
- Telephone Service for SAQ review & validation
- PCI External Scanning
- PCI Certificate
Your Requirements
- On-site PCI Assessment
Service Description
We are a Canadian/National Qualified Security Assessor (QSA) that can work with your organization to achieve PCI compliance in a cost-effective manner. We have QSAs all across Canada to assist in on-site PCI assessments.
TELUS is also an Approved Scanning Vendor. We are pleased to offer online services for completing the SAQ, validation, and performing automated vulnerability scanning, through our PCI Portal.
Offerings
- Service are offered in English and French
- Online PCI Portal
- Annual subscription for unlimited external Scans
- On-site Assessment, Testing and Gap Analysis
- Remediation and Action Plan
- Successful Report on Compliance (ROC)
- PCI Certificate
Your Requirements
- Assistance with remediation
- Preparing for next Audit
Service Description
If weaknesses are detected during the PCI compliance assessment, the TELUS team of security professionals can be engaged to provide expert security consulting to remedy the problems identified.
Our TELUS PCI Compliance services provide merchants and service providers with support to assist in interpreting the assessment results, and determining cost effective ways to become compliant.
We also offer a PCI Action Plan, in which we identify and recommend the steps an organization must take to help them become compliant quickly and cost effectively. Action Plans are uniquely tailored based on the results of the PCI compliance assessment. Merchants who do not pass their PCI compliance assessment must submit a copy of their PCI Action Plan to their merchant acquirer.
Offerings
- Remediation Plan preparation, communication and execution
- Identification of required products and services
- Implementation services
Your Requirements
- Have payment application compliant with the Payment Application Data Security Standard (PA-DSS)
- Payment Application Qualifed Security Assessor (PA-QSA) assistance
- Support in remediation
Service Description
Software vendors that develop payment applications to be sold, distributed or licensed to third parties are subject to the Payment Application Data Security Standard (PA-DSS) requirements.
The aim of the standard is to help develop secure payment applications do not store prohibited data, such as full magnetic stripe, CVV2 or PIN data, and ensure the applications support compliance with the PCI DSS.
TELUS is a Payment Application Qualified Security Assessor (PA-QSA). TELUS can assess your applications, provide recommendations, and assist you in the remediation process to make your payment applications PA-DSS compliance and get certified.
Offerings
- On-site PA-DSS Assessment, Testing and Gap Analysis
- Remediation and Action Plan
- Successful Report on Validation (ROV)
- PA-DSS Certificate
For information or to order
Please email us.
TELUS PCI Portal
Access your TELUS PCI Portal
Download a brochure
PCI Compliance Services
(252 KB)
TELUS announces successful acquisition of Emergis
Download Webinar
Listen to PCI Compliance Success Strategies
Download Case Study
Download the Visa case study