Content

McAfee® PCI Certification Service

Certification that isn't a burden.

Sidebar

Ready to Buy?

McAfee PCI Certification Service

The payment card industry developed the Payment Card Industry Data Security Standard (PCI DSS) in response to the overwhelming number of credit card data thefts by hackers. All organizations that capture, process, or store credit card data must demonstrate proof of compliance. The McAfee PCI Certification Service provides step-by-step guidance and real time analysis of your compliance status, so that you can successfully navigate and complete the PCI DSS requirements.

Tens of thousands of organizations around the world trust McAfee to audit their PCI compliance status. McAfee PCI Certification Service includes scanning, remediation assistance, technical support, self-assessment questionnaire, and validation of your compliance status. The service is easy to use and specially designed for Level 2, 3 and 4 merchants that need to successfully and confidently complete PCI certification.

When you need to meet PCI compliance, turn to McAfee, the world's largest dedicated security company and PCI Approved Scanning Vendor

Data Sheet

Related Products

Self-assessment questionnaire selection wizardUse our simple selection tool to determine which of the five versions of the self-assessment questionnaire (PCI standard 1.2) to complete.

Quarterly and on-demand scanningMeet PCI DSS security scanning requirements. Our automated PCI compliance scanning uses an approved three-step process that includes dynamic port scanning, port-level network services vulnerability testing, and web application vulnerability testing. Launch on-demand scans whenever necessary.

Unlimited technical supportTake advantage of unlimited support from security specialists (available 7 a.m. - 7 p.m. PST). Whatever your question, our experienced team is there to help you.

PCI compliance reportsGenerate a validation report to submit to your merchant bank or payment service provider as proof of your compliance.

Achieve PCI DSS compliance quicklyComplete all requirements rapidly and confidently with our accurate, easy-to-use online system. We provide tools and guidance to help you navigate through the PCI process.

Continue to demonstrate complianceRemain in compliance and never miss submitting a quarterly validation report. Validation scans run automatically every 90 days.

PCI Data Security Standard - Compliance Validation Requirements

Close

Level	Description	Compliance Validation Requirements
1	All merchants processing a total of more than 6 million card transactions annually on the Discover network. All merchants required by another payment brand to validate and report their compliance as a Level 1 merchant	Complete an annual on-site assessment using the PCI DSS Requirements and Security Assessment Procedures. On-site assessment may be performed by a Qualified Security Assessor OR merchant's internal auditor Complete Quarterly Network Vulnerability Scans performed by an Approved Scanning Vendor
2	All merchants processing a total of 1 million to 6 million card transactions annually	Complete an annual self-assessment using the applicable PCI DSS Self-Assessment Questionnaire (SAQ) Complete Quarterly Network Vulnerability Scans performed by an Approved Scanning Vendor
3	All merchants processing a total of 20,000 to 1 million e-commerce transactions annually	Complete an annual self-assessment using the applicable PCI DSS SAQ Complete Quarterly Network Vulnerability Scans performed by an Approved Scanning Vendor
4	All other merchants	Annual self-assessment using the applicable PCI DSS SAQ Quarterly Network Vulnerability Scans performed by an Approved Scanning Vendor as appropriate Validation and reporting requirements may be determined by the payment brand and/or merchant's acquirer.

Why PCI ?The Payment Card Industry (PCI) Data Security Standard is not mandated by McAfee. It is required of all merchants that store, process, or transmit cardholder data. A merchant is defined as any entity accepting payment via any form of payment card. The program applies to all payment channels, including retail (brick-and-mortar), mail/telephone order, and e-commerce. The PCI standard is endorsed by all credit card brands within their respective programs, including Visa (CISP and AIS programs), MasterCard (SDP), American Express, DiscoverCard and JBC.

The Data Security StandardThe PCI Data Security Standard consists of twelve basic requirements and corresponding sub-requirements. You can review them here.

Certification of ComplianceSeparate and distinct from the mandate to comply with the PCI Data Security Standard is the certification, or validation, of compliance whereby entities verify and demonstrate their compliance status. It is a fundamental and critical function that identifies and corrects vulnerabilities, and protects customers by ensuring that appropriate levels of cardholder information security are maintained.

Compliance ValidationCompliance validation requirements are based on the annual volume of transactions, the potential risk, and exposure introduced into the payment system by merchants and service providers.Click here for requirements.

Free ConsultationVisit the home of the PCI Security Standards Council for more information. You can also call us toll-free at (877) 302-9965 for a free consultation with one of our Security and Compliance Specialists.

After you complete the form below, you will receive an e-mail containing login instructions for our Vulnerability Management Portal. The Portal provides everything you'll need to complete your PCI certification easily, quickly and completely.

McAfee PCI Certification Service

Contact Information

Address

Choose Your Level of Service

Payment Information Use Contact Address

Expiration Date(Required):

BY CLICKING THE I ACCEPT BUTTON OR CHECKBOX IN THE REGISTRATION PAGES OF THE SERVICES, THE ENTITY YOU REPRESENT (THE CUSTOMER) IS HEREBY AGREEING WITH MCAFEE, INC. (MCAFEE) TO THE FOLLOWING TERMS OF SERVICE AND ANY TERMS INCORPORATED HEREIN BY SPECIFIC REFERENCE (COLLECTIVELY, THE TERMS).

Definitions

* Network Security Audits are audits conducted to ascertain the compliance of network Devices with certain published security standards and to disclose security vulnerabilities and may include, but are not limited to, port scanning and port connections, evaluating services by checking versions and responses to certain requests, and crawling a website to perform testing of forms, application responses, or the confirm the existence of certain files.
* Services means those services offered by McAfee that are branded by McAfee as McAfeeSECURE services or McAfee Secure for WebSites that have been purchased by Customer, and are provided for the purposes of conducting Network Security Audits
* Web-site means the McAfee systems accessible by the Internet that facilitate, provide or describe the Services.
* Devices means computer hardware, network, storage, input/output, or electronic control devices, or software installed on such devices.
* IPs means Internet Protocol addresses.

Ineligible Parties

To the extent permissible by law, Customer is ineligible to subscribe to the Services if: (1) Customer is a competitor of McAfee, (2) Customer or its employees using the Services have been convicted for any computer or Internet related crimes, (3) Customer is more than sixty (60) days past due on any monies owed to McAfee, or (4) Customer is located in a region that is prohibited from using the Services by law.

Your Identity and Authority

Customer agrees to provide current, accurate information in all electronic or hardcopy registration forms submitted in connection with the Services. Customer agrees not to impersonate or in any way misrepresent its affiliation or authority to act on behalf of any person, company, or other entity. By subscribing to the Services or accepting these Terms, the Customer personnel using the Services or accepting these Terms, certify that they are authorized to act on behalf of the Customer, and are authorized by Customer as a representative of an individual, business or other legal entity having contractual usage rights granted by an ISP or Web Host owning or licensed to use, any and all IPs and the associated Devices to which you direct the Services to be performed. Customer agrees to cooperate with McAfee in reasonable measures to verify the identity and authority of persons using the Services.

Prohibited Uses

Customer must never use or direct the Services to interact with IPs or Devices for which Customer is not expressly authorized to do so. Customer must not use the Services in such a way as to create unreasonable load on IPs or Devices to which you have directed the Services to interact. Customer may not use any McAfee IP or Device, directly or indirectly, to initiate, propagate, participate, direct or attempt any attack, hack, or crack, or send bandwidth saturation, malicious or potentially damaging network messages to any Device, whether owned by McAfee or not. Customer must not direct any such attacks of any kind using any protocol at any of McAfee's Devices. Customer must not direct bots, spiders, crawlers, or any other automated process at McAfee's computer systems. Customer must not, through the use of the Services or by any other means, create unreasonable load on any of McAfee's Devices. Customer must not use the Services or McAfee's Devices to perform any unlawful activity including but not limited to computer crime, transmission or storage of illegal content, or content or software in violation of intellectual property and copyright laws. Customer must not access information on McAfee's Devices for which you are not authorized, or which is not made available intentionally, publicly and in accordance with McAfee's Privacy Statement (available at http://www.mcafee.com/us/about/privacy.html). If Customer gains access to any information for which Customer is not authorized, by any method or means, or for any reason, Customer must report such access to McAfee immediately and destroy all electronic or hard copies of such information. Customer must report incidents by email with return receipt requested to security@mcafeesecure.com, or by calling (707) 224-7656. Any breach of the above covenants will result in immediate termination of Services and, if appropriate, referral to law enforcement authorities.

Conduct and Content

Customer will use the Services in a responsible, businesslike manner in accordance with the law. Customer is responsible for its conduct while using the Services, as well as for any content Customer posts, distributes, transmits or solicits from others while using the Services. Customer will not use the Services in such a way as to distribute, link-to, transmit or solicit any content of any type that: (a) is unlawful, libelous, violates a contract, or regulation; (b) is obscene, harmful to minors, pornographic, invasive to another's privacy, racist, unethical, or otherwise offensive; (c) advocates or solicits criminal behavior, violence or racism; (d) infringes on someone's intellectual property rights, copyright, or other right; (e) constitutes unauthorized or unsolicited commercial communications such as bulk or SPAM email; (f) contains any computer code designed to disrupt, damage or impair any computer or network systems and software, such as viruses, trojans, back doors, or macros, whether or not any damage occurs; (g) surreptitiously intercepts, downloads, copies, detrimentally interferes with, damages, or expropriates any system, data, or personally identifying information; (h) defaces the Web site or Services in any way; or (i) reveals your account access information such as your password or secret question. Customer will comply with all applicable laws, regulations, and McAfee policies regarding on-line conduct and content.

Security

Customer agrees not to provide access to the Services by; (a) allowing others to use its account; (b) creating an account for someone who is not authorized to perform the role or view the information for which you have granted access; or (c) failing to revoke access for those persons who are no longer authorized to access the Services for any reason. Customer will immediately notify McAfee of any unauthorized access from its account or the accounts of others for which Customer has administrative authority, including the use of accounts, passwords, or any other breach of security. Customer will not solicit another party's password for any reason. Customer will not access someone else's account, nor disrupt, interfere, or limit the functioning of the Services, or other's enjoyment of the Services.

Support

Under this agreement, McAfee will provide support, whether on-line or by telephone, only during normal Pacific Standard Time working hours. Any additional support must be purchased by Customer under a separate agreement.

No Guarantee

THE SERVICES ARE PROVIDED ON AN AS IS, AS AVAILABLE BASIS WITHOUT ANY WARRANTY OF ANY KIND. CUSTOMER UNDERSTANDS THAT ASSESSING COMPUTER SECURITY IS HIGHLY COMPLEX AND CHANGEABLE. CUSTOMER UNDERSTANDS THAT USE OF THE SERVICES IS AT CUSTOMER'S OWN RISK. MCAFEE, ITS OFFICERS, DIRECTORS AND EMPLOYEES ARE NOT RESPONSIBLE FOR CUSTOMER'S USE OF THE SERVICES OR ANY RESULTS THEREFROM. MCAFEE MAKES NO WARRANTY THAT THE SERVICES WILL FIND ALL VULNERABILITIES IN CUSTOMER'S NETWORK OR SERVER(S), OR THAT THE SOLUTIONS SUGGESTED AND ADVICE PROVIDED IN THIS REPORT WILL BE COMPLETE OR ERROR-FREE. MCAFEE SHALL BE HELD HARMLESS AND FREE FROM ALL LIABILITIES FOR ANY USE OR APPLICATION OF THE INFORMATION PROVIDED BY MCAFEE IN CONNECTION WITH USING THE SERVICES. ADDITIONALLY, MCAFEE MAKES NO WARRANTY THAT THE SERVICES WILL ALWAYS BE AVAILABLE, THAT THEY WILL BE ERROR FREE, OR THAT THEY WILL MEET CUSTOMER'S REQUIREMENTS. CUSTOMER USES THE SERVICES OR ANY RELATED THIRD PARTY SERVICES AT ITS OWN RISK. CUSTOMER IS SOLELY RESPONSIBLE FOR ANY DAMAGE TO ITS DEVICES AS A RESULT OF USING THE SERVICES. MCAFEE MAKES NO WARANTIES, EXPRESSED OR IMPLIED, INCLUDING WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE IN CONNECTION WITH THE SERVICES OR THESE TERMS.

Copyright and Intellectual Property

All content provided by McAfee in connection with the Services is protected under copyright law. Unless authorized in writing by McAfee or elsewhere in these Terms, Customer must not reproduce or distribute in any form, whether or not for commercial purposes, any part of the Services. Unless indicated otherwise, you may view, download, copy, and print McAfee documents from the Services, as long as such documents are for Customer's use only and are not posted, distributed, modified, including being defaced or remove copyright, trademark or other intellectual property ownership notices.

Right to Display the McAfeeSECURE Image

If authorized by the Services purchased, Customer may display the McAfeeSECURE certification image, but only by through the use of the HTML source code provided by McAfee for the display of the McAfeeSECURE certification image. Customer agrees to only place this HTML code on sites that are actively being scanned by the Services. The McAfeeSECURE image shall at all times be served only from McAfee's designated servers and shall remain under the full control of McAfee. McAfee shall have the right to discontinue the serving of the McAfeeSECURE image, if any Customer web-site, or other device that is being scanned in connection with the Services, fail to pass McAfee's vulnerability audits for a period of 72 hours or longer. Should Customer discontinue the Services, Customer agrees to immediately remove all HTML source code supplied by McAfee from its servers. Customer is prohibited from using the McAfeeSECURE certification image for or on behalf of any other organization or in connection with any domain name and/or organization name other than those being scanned in connection with the Services, and enrolled and established under Customer's account.

Privacy

By agreeing to these Terms, Customer also agrees that McAfee may collect and use Customer personnel's personally identifying information in accordance with McAfee's Privacy Statement (available at http://www.mcafee.com/us/about/privacy.html). Customer also agrees to make commercially reasonable efforts to avoid accessing or revealing private or personally identifying information using the Services, and to comply with any provisions of the Privacy Statement that may affect use of the Services. McAfee's Privacy Statement is incorporated here by reference, and is subject to change from time to time at McAfee's sole discretion.

Use of Interactive Services

Any forums, chat rooms, support tools or other interactive tools associated with the Services are intended as a tool to discuss computer security issues, generally available McAfee products, services, and other business and technical issues related to the use of the Services. The interactive services are not intended to register complaints and may not be used by Customer to solicit for business. McAfee does not normally screen or edit user content or monitor interactive services, except as necessary to provide technical and customer support, but reserves the right to do so in the future. McAfee is not responsible for any unintended or prohibited content.

Confidentiality

Except as provided in McAfee's Privacy Statement, McAfee and Customer agree, for a period of on (1) year following expiration or termination of the Services, to hold each other's Confidential Information in confidence and not to disclose it to any third party without the prior written consent of the disclosing party. The parties agree to use such Confidential Information of the disclosing party only for the purpose of performing the party's obligations under this Agreement. Further, the receiving party shall use the same degree of care it uses with respect to its own Confidential Information to prevent the unauthorized disclosure to a third party, but in no event less than reasonable care. Customer understands and agrees that McAfee may transfer the Customer data, which is gathered by the Services purchased by Customer, to McAfee data centers outside of Customer's nation for purposes of fulfilling McAfee's obligations under these Terms. Confidential Information shall mean non-public, proprietary information including, without limitation, any information, technical data or know-how relating to discoveries, ideas, inventions, concepts, software, equipment, designs, drawings, specifications, techniques, processes, models, data, source code, object code, documentation, diagrams, flow charts, research, development, business plans or opportunities, business strategies, future projects or products, projects or products under consideration, procedures, and information related to finances, costs, prices, vendors, customers and employees which is disclosed by such party or on its behalf whether before, on or after the date hereof, directly or indirectly, in writing, orally, or by drawings or inspection of equipment or software, to the other party or any of its employees or agents. Customer agrees that the password or secret question used by Customer to access its account to receive Services shall be treated as Confidential Information. Customer agrees that the logos, trademarks or other identifying characteristics of Customer are not Confidential Information and that McAfee may identify Customer as a customer, provided that such reference does not include any Confidential Information. The obligations to protect Confidential Information under this Section shall not apply to information which: (a) is or becomes publicly known through no act or failure to act on the part of the receiving party; (b) was rightfully in the receiving party's possession prior to disclosure by the disclosing party; (c) became rightfully known to the receiving party, without confidential or proprietary restrictions, from a source other than the disclosing party; (d) is approved by the disclosing party for disclosure without restriction; (e) is or was developed independently by the receiving party without use of or reference to any of the Confidential Information and without violation of any confidentiality restriction; or (f) is required to be disclosed by law.

Automatic Renewal

Customer agrees that subscription based Services will automatically renew at the end of each subscription period, at the then current list price for the Service, unless Customer sends notice of Customer's request that the Services not renew. Such notice of non-renewal must be sent to McAfee through the e-mail address support@mcafeesecure.com at least thirty (30) days prior to the end of Customer's current subscription period. Notwithstanding the foregoing, if Customer purchased the Services from a McAfee authorized reseller of the Services, the subscription for the Services will not automatically renew at the end of the purchased subscription period, but shall expire and require the purchase of a new subscription period in order for the Services subscription period to be renewed.

Breach

Customer is in breach of this agreement if Customer fail to pay any amount owed to McAfee when due, subject to a 10 day grace period, or Customer fails to comply with these Terms. Unless otherwise stated, fees for Services are due in advance and subject to payment terms in the invoice(s) for the Services, which are incorporated into these Terms by reference. If Customer is in default, McAfee may take any or all of the following actions to remedy the default and protect its interests: (a) declare all unpaid monies immediately due and payable; (b) Terminate Services; (c) terminate the Services; (d) take any other lawful action McAfee may deem appropriate to enforce your obligations under these Terms. Customer agrees to pay costs and reasonable attorney's fees McAfee may incur enforcing its rights under this agreement.

Sales/Use Tax

Customer shall pay all sales and other taxes, however designated, which are levied or imposed by reason of the transactions contemplated hereby, except for taxes based on McAfee's net income.

Indemnity

Customer agrees to indemnify, hold harmless, and defend McAfee, its officers, directors, employers, agents, suppliers, licensors, and third party information providers, or other related parties from and against all losses, damages, costs, and attorney's fees (Claims) resulting from violation of these Terms or any action, whether intentional, malicious, inadvertent, wrongful or negligent, related to Customer's account, Customer's use of the Services or any other person or persons who uses Customer's user account. McAfee does NOT indemnify Customer against such Claims made against Customer by others as a result of Customer's use of the Services.

Limitation of Liability

Customer expressly agrees that McAfee shall have no liability or obligation, whether arising from contract, tort, warranty, or otherwise, for any loss of revenue, profit, data, use of money, use of time, or for any incidental, consequential, special, or indirect damages, foreseen, foreseeable, unforeseeable, or otherwise, arising from your use of the Services, to the extent allowed by law. This limitation applies to all claims or causes of action including but not limited to those arising from Service availability, your access and use of third party services, content or software, or any other matter relating to the Services. Customer agrees that McAfee's liability for all causes of actions relating to these Terms and any matters relating to McAfee's delivery of, or Customer's use of the Services shall not exceed the monies paid to McAfee in the 12 months preceding the proper service of the cause of action.

Modification of Terms and Services

McAfee reserves the right to modify these Terms from time to time. The modified Terms will be posted on this page. Customer should check here from time to time for updates. Customer agrees that its use of the Services after such a change will be deemed full and adequate acceptance of the modified Terms. McAfee also reserves the right to modify, discontinue or make temporarily unavailable the Services. Any new or modified features of the Services, unless explicitly stated otherwise, are subject to these Terms.

Entire Agreement

Customer acknowledges that these Terms with the McAfee's Privacy Statement constitute the entire agreement between Customer and McAfee. Customer agrees that these terms supersede any prior agreements or statements made verbally or in writing.

Severability

Customer agrees that if any term in this agreement is deemed to be invalid, unlawful or unenforceable for any reason, all other terms shall remain in force.

Governing Law

These Terms are governed by the laws of the State of New York and controlling U.S. Federal Law.

Waiver of Rights

Customer agrees that the only way to waive rights under these Terms is explicitly and in writing. Any failure to enforce any right under this agreement will not waive that right.

Term and Termination

Customer agrees that the agreement under these Terms shall remain in effect for as long as Customer subscribes to, renews, or uses the Services. Customer agrees that this agreement can only be terminated by Customer after Customer has stopped using the Services and have paid all monies owed to McAfee. Customer agrees that McAfee can terminate this agreement at any time with or without cause, if McAfee has reason to believe that Customer is violating the Terms in any way, or if the Service is permanently discontinued. Each renewal of Services shall again be subject to these or modified Terms in effect at the time of renewal.

Network Security Audits

Customer hereby authorizes McAfee to perform Network Security Audits, on any Devices and IPs specified by Customer. Network Security Audits are performed with the assistance of McAfee employees or its appointed contractors, and may from time to time include additional probing and validation beyond the scope of our automated vulnerability scanning system. In certain cases, the exploitation of a vulnerability and/or minimal extraction of data from the target server may be conducted to support our security audit findings, or to illustrate a vulnerability to Customer.

Special Promotions

From time to time, McAfee will run special promotions for certain McAfee Secure merchants and partners (Promotional Partner(s)) during periods of time (Promotional Period(s)) as determined by McAfee, at its sole discretion. As part of these promotions, McAfee may provide the services to Promotional Partners free of charge for a Promotional Period. During such Promotional Period, no incremental costs or fees will be incurred by a Promotional Partner. Promotional Partner agrees that McAfee is authorized to receive reports from partners and vendors of any Merchant activity associated with the promotion during the Promotional Period and will take all reasonable steps to provide assurance to the partners and vendors of such authorization. Merchant and Promotional Partners understand and agree that McAfee may discontinue the Promotional Period at any time and a Promotional Partner or Merchant may terminate pursuant to this Agreement.

I agree to the McAfee terms and conditions

Buy Now

Need help? Have a question?
(877) 302-9965 Toll-Free in US
(972) 963-8805 x4 Worldwide Need help? Have a question? support@mcafeesecure.com

The McAfee PCI Certification Service is 100% guaranteed. If we don't supply you with all of the services and information you require to successfully complete PCI DSS certification we will refund all fees.

Content

McAfee® PCI Certification Service

Certification that isn't a burden.

Sidebar

Ready to Buy?

Call Details

McAfee PCI Certification Service

Related Products

PCI Data Security Standard - Compliance Validation Requirements

McAfee PCI Certification Service

Footer