If your company's success is based on protection, processing, storage or transmittal of client payment card data, then you have a responsibility to protect it. Merchants often misinterpret PCI DSS compliance guidelines and mistakenly believe they have met their obligation. The only way to be confident your organization can pass a PCI audit, is to have a PCI DSS auditor assess your readiness. Omnilab's approach is a hands-on remediation plan to augment your PCI compliance program, covering each incremental change for the most common and serious security gaps subjecting you to failure of a PCI DSS audit, resulting in substantial fines and penalties.


  • Multi-Factor Authentication Requirements for access to the card data environment
  • Catalogs for Designated Entities Validation (DESV) for service providers
  • Defined requirements for masking primary account numbers
  • Clear requirements for monitoring critical security control systems
  • Frequent and scheduled penetration testing for service providers
  • Defined requirement for service providers to have a compliance program
  • Framework around quarterly P&P compliance reporting