Monthly Archives: November 2009

PCI Qualified Security Assessor | PCI QSA | Call NDB Advisory

Looking for a PCI Qaulified Security Assessor (QSA) who is cost-effective, has years of experience in performing these types of audits and can assist your organizatin with all your PCI DSS needs? If so, then contact NDB Advisory, a nationally recognized boutique QSA firm specializing in PCI DSS assessments.

NDB Advisory offers a comprehensive, cost-effective and workable approach for meeting compliance with the Payment Card Industry Data Security Standards provisions. A structured PCI DSS Roadmap for compliance is undertaken for ensuring your organization is fully aware of the scope of the assessment along with the time, efforts and internal commitments required by you.

NDB Advisory has conducted PCI DSS assessments for a large range of companies. Additionaly, we have also worked with a number of smaller organizations who only have to "self assess" against the PCI DSS standards, but still needed the expert advice of a Qualified Security Assessor (QSA).

Additionally, you can email me directly at with any questions you may have regarding Payment Card Industry Data Security Standards (PCI DSS) compliance, and I will be more than happy to assist you in any way I can.

Good luck on PCI compliance.

PCI DSS | Industry Terminology you Should Know

If you are a merchant or service provider and the Payment Card Industry Data Security Standards (PCI DSS) provisions are being required for your organization, then take some time to learn about industry terminology that will ultimately give you a better grasp of the who, what, where and why of PCI DSS compliance.

  • Cardholder: This is the customer purchasing goods either as a "card present" or "card not present" transaction. The customer is the individual who receives the payment card and bills from the issuer.
  • Issuer: Bank or other organization issuing a payment card on behalf of a Payment brand., such as MasterCard and Visa.  Additionally, some payment brands issue cards DIRECTLY, such as American Express, Discover Card and JCB.
  • Merchant: The organization accepting the payment card for payment during a purchase.
  • Acquirer: This is the bank or entity that the merchants uses to process their payment card transactions.  They essentially receive the authorization request from the merchant and forwards it to the issuer for approval. The acquirer also provides authorization, clearing and settlement services to merchants. Lastly, the acquirer is also called a merchant bank, ISO, a payment brand (AMEX, Discover, JCB), but NEVER Visa or MasterCard.

To learn more about the Payment Card Industry Data Security Standards (PCI DSS) provisions, visit the official PCI DSS Resource Guide