Payment Consulting

Audits and Accreditation: expertise and know-how

 

Our Know-How

Support on the road to accreditation in several areas of the e-money security field

Card data protection - Galitt your PCI, DSS, QSA and EMVCo auditor 

Card data protection
Support and PCI DSS accreditation (QSA auditor)
E-money equipment security - Galitt your PCI, DSS, QSA and EMVCo auditor 

E-money equipment security
Support and compliance studies for PCI PTS POI and EMV Modular Label accreditation
Acceptance flow security - Galitt your PCI, DSS, QSA and EMVCo auditor 

Acceptance flow security
Support and compliance studies for PCI Point-to-Point Encryption (P2PE)
Production and Personalisation - Galitt your PCI, DSS, QSA and EMVCo auditor 

Production and Personalisation
CB Approval Audits for production sites of bank cards
Tokenization Services - Galitt your PCI, DSS, QSA and EMVCo auditor 

Tokenization Services
Support and compliance studies for PCI Token Service Providers
PIN Dematerialisation - Galitt your PCI, DSS, QSA and EMVCo auditor 

PIN Dematerialisation
CB Approval Audits for electronic PIN distribution services 
(SMS, Online Banking)
E-money apps and Security - Galitt your PCI, DSS, QSA and EMVCo auditor 

E-money apps and Security
Support and compliance studies for PA DSS status
 

 

Audits & Certifications

 

PCI Qualified Security AssessorPCI : QSA auditor
SWIFTSWIFT : CSP
PaycertPaycert

 

Our expertise in each sector

Industrial firms

Bank Card Production:

  • Microelectronics
  • Producing plastic materials
  • Inserting and initialising
  • Personalising
  • Electronic PIN distributing
  • Quality systems management
Banks
  • E-money value chain: 
issuing, acceptance, acquisition, compensation, regulation, etc.
  • Non e-money payment means (transfers, withdrawals, etc.)
  • Card data protection within PCI guidelines
Constructors
  • Logical and physical security of equipment
  • EMVCo demands covering development procedures of contactless payment apps
  • Production processes
  • Managing cryptographic keys used to protect card data and PIN
Merchants
  • Acceptance chain
  • Payment systems and apps (in-store, e-commerce, m-commerce)
  • Card data protection (PCI)
Service Providers
  • Handling e-money transactions
  • Tokenization
  • Point-to-point encryption for acceptance flows (PCI P2PE)
E-money app editors
  • Development cycles
  • Secure coding techniques
  • Data storage regulations
  • Security tests and code review
CONTACT : Coralie CHEVALLIER

contact-buco@galitt.com