Skip to content
UniPayGateway
  • Why UniPay?
    • Merchant
    • ISO
    • Software Provider
    • Billing Company
    • Collections Company
  • Payment Solution
    • Payments as Service
    • White Label Gateway
    • On-Premises Solution
    • EMV Terminal Solutions
    • PayFac Model
  • Pricing
  • Services
    • Legacy System Replacement
    • Processing Consolidation
    • Payment Ecosystem Landscaping
    • PayFac Implementation
    • EMV Implementation
  • Webinars
  • Resource Hub
    • Trending Articles
    • Guides
    • Press Releases
    • Payment Advice
    • Infographics
    • Expert Consultation
    • UniPay Modules
    • Video Guides
    • FAQ
Demo
Home UniPay Gateway Payment Advice PCI scope

PCI scope

Share

Every company, which accepts credit card payments and handles cardholder data, falls into the so-called PCI scope. It means that, in accordance to payment card industry (PCI) requirements, it has to go through regular PCI audit. In order to be PCI compliant, the company has to perform tokenization of card numbers. However, technically, if the company does not use any software which handles unencrypted card data, it remains out of PCI scope.

PCI Compliance

If a company wants to optimize its infrastructure in terms of PCI compliance and either get out of PCI scope completely, or reduce its “exposure” and audit costs, it needs to answer some fundamental questions and perform some essential steps. The company needs to define, whether it needs to handle different payment types: card present, card-not-present, and recurring payments are involved. It also has to analyze all applications it uses, front-end systems it is connected to, and processing solutions its merchants use. When this information is obtained, the company needs to come up with an optimal new solution and discuss it with a PCI auditor. After that it has to address several important issues, such as card storage and card flow, prioritization of payment ecosystem components, integrations with processors and providers of tokenization services and point-to-point encryption solutions, migration of cardholder data, and others.

These critical issues provide the basis for a strategy of getting out of PCI scope (or at least exposure level reduction). The strategy is described in greater detail in the respective article on Paylosophy.

Question
Question?

Let us help you envision UniPay as part of your business

Request Demo

Our Blog
Our Blog

For expert payment advice, please visit our blog at Paylosophy.com

Visit Paylosophy

With UniPay, you have the options of a flexible "payment as a service" model, an affordable white-label payment gateway solution, or a full on-premise software license, which ensure the top-quality payment processing experience for businesses of any size.

Payments as a service

White Label Payment Gateway

On-Premises Pricing Model

EMV terminal solutions

PayFac Model

Request Demo

Our Services

  • Legacy System Replacement
  • Processing Consolidation
  • Payment Ecosystem Landscaping
  • PayFac Implementation
  • EMV Implementation

Who Are You?

  • Merchant
  • ISO
  • Software Provider
  • Billing Company
  • Collections Company

Social Media

  • Paylosophy
  • Facebook
  • Twitter
  • YouTube

Copyright © 2023 United Thinkers LLC

All Rights Reserved | Privacy Policy

All Logos and Trademarks used or mentioned on this page are copyrighted property of their respective owners and are used for display purposes only.