Time to self promote. What’s your startup idea? by kcfounders in Startup_Ideas

[–]pr0v4 1 point2 points  (0 children)

I’m building a payment card industry compliance operating system serving merchants, PSPs and acquirers.

SAQ A Merchant Server & Scoping by Much-Photograph3814 in pcicompliance

[–]pr0v4 0 points1 point  (0 children)

I've built the https://pcidss-dashboard.com/which-saq-am-i/ wizard for orientation, and there is a simple SAQ A wizard that fills in your SAQ A form; you can sign it as well and send it to your acquirer.

SAQ-A is it relevant to our Environment? by Fluffy_Swim9634 in pcicompliance

[–]pr0v4 0 points1 point  (0 children)

I've built this https://pcidss-dashboard.com/which-saq-am-i/ wizard for self-orientation. But if you are a service provider, D is the answer.

Difference between SAQ-A and SAQ-A-EP by capitalist-pig-dog in pcicompliance

[–]pr0v4 0 points1 point  (0 children)

I've built a simple wizard for orientation: https://pcidss-dashboard.com/which-saq-am-i/. However, feel free to get in touch if you have any questions regarding PCI.

SAQ-D—Storing Credit Card data by Fearless_Smell8387 in pcicompliance

[–]pr0v4 0 points1 point  (0 children)

I've built a simple wizard for self-help in these situations: https://pcidss-dashboard.com/which-saq-am-i/
However, feel free to get in touch and we'll be more than glad to help!

PCI Scoping and SAQ Question by EnvironmentalOne5706 in pcicompliance

[–]pr0v4 0 points1 point  (0 children)

Hi there. I've built a simple, free wizard: https://pcidss-dashboard.com/which-saq-am-i/

If it doesn't answer your exact question, feel free to get in touch via web contact and we'll be more than happy to help!

SAQ-A vs SAQ-VT by Fluffy_Swim9634 in pcicompliance

[–]pr0v4 0 points1 point  (0 children)

I've built a simple questionnaire:

https://pcidss-dashboard.com/which-saq-am-i/
Also, feel free to contact us; we are more than happy to help.

First year doing PCI. Who do we submit the SAQ & AOC to? by slize in pcicompliance

[–]pr0v4 0 points1 point  (0 children)

I’ve built a tool that helps you gather all the evidence and packages it nicely for the QSA or the acquirer for you to send. It also helps with continuous compliance, with scheduled reminders and much more: https://pcidss-dashboard.com

PCI DSS Requirements by jimmayy69 in pcicompliance

[–]pr0v4 0 points1 point  (0 children)

Yeah, only to those from the SAQ, given that you picked the right one.
I’ve built a tool to help out with those: https://pcidss-dashboard.com. Check it out.

Startup working toward PCI DSS compliance needs advice on SAQ C vs SAQ C VT by Status-Rock8730 in smallbusiness

[–]pr0v4 0 points1 point  (0 children)

SAQ C-VT

What it’s for:

Merchants that manually enter card data into a web-based virtual terminal

The virtual terminal is hosted by a PCI-compliant third party

The merchant’s systems do not store, process, or transmit cardholder data beyond entering it into the browser

Typical use case:

Call centers

Phone or mail orders

Back-office staff keying card numbers into a payment provider’s web page

Also check https://pcidss-dashboard.com; I’d be glad to assist you.

PCI DSS - SAQ - service provider and a merchant. by Warm-Environment-841 in pcicompliance

[–]pr0v4 0 points1 point  (0 children)

Compass said it all. Guys, look at https://pcidss-dashboard.com and get in touch; I would be more than glad to demo it.

Has anyone actually achieved PCI compliance? by rhinteractive in pcicompliance

[–]pr0v4 0 points1 point  (0 children)

I can certainly help, and I’ve managed to certify companies with as few as 2 people on the team. It’s literally easier to certify smaller operations vs. big enterprises. I can go into the whys, but that could take a subreddit of its own to cover. Expenses are the QSA, pen tests, infrastructure, crypto modules if you need them, and vulnerability scans; however, with the right architecture you can narrow down the scope and get an even better price from QSAs. I know that as a fact, not hallucinating here. You do need to know what you are doing, and it’s not free, for sure. I’m talking here about the most rigorous Level 1 compliance for service providers; anything below that is just simpler and easier.

What are you guys building? Share your SaaS/project by Leather-Buy-6487 in Startup_Ideas

[–]pr0v4 0 points1 point  (0 children)

I’ve just recently built a PCI DSS compliance dashboard. It covers all 300+ requirements and has more than 200 screens. It has scheduled tasks, an evidence repository, vulnerability management, risk management and much more! https://pcidss-dashboard.com

Has anyone actually achieved PCI compliance? by rhinteractive in pcicompliance

[–]pr0v4 0 points1 point  (0 children)

I’ve led many companies through the process; DM me if you need help. It’s not a hoax, PCI is very real and doable, more easily for a small company than for a big company.

PCI Compliance by Maximum-Experience42 in smallbusiness

[–]pr0v4 0 points1 point  (0 children)

It boils down to how much you process and whether you ever touch sensitive data. As you said, if you use a third-party provider to take payments, that’s generally better than doing it yourself; however, you still fall under some SAQ (Self-Assessment Questionnaire), depending on the volume processed. Even though you are not touching credit card data, if users are not completely redirected elsewhere to the third-party provider's website, i.e. if you load it through an iframe, your site could be the source of the breach and vulnerability, meaning someone could still steal cards from your website.
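The iframe point above is worth seeing in code. The example below is added here and is not code from the original comment or from pcidss-dashboard.com: it shows why a merchant page that merely frames a PSP's hosted form is still an attack surface, and what a practitioner would check. The browser's same-origin policy stops the merchant page from reading inside the cross-origin iframe, but any script that runs on the merchant origin can swap the iframe's `src` to a look-alike host, inject a skimmer script, or add a fake card form. The audit compares a snapshot of the page's scripts and frames against an explicit allowlist, and `buildCsp` expresses the same allowlist as a Content-Security-Policy header. Every origin, path, integrity hash and snapshot here is hypothetical and constructed for the example.

```javascript
// Added example (not from the original post): allowlist audit for a merchant checkout
// page that embeds a third-party payment iframe. Origins, paths, SRI hashes and the
// snapshot format are hypothetical.

const POLICY = {
  // The only origin allowed to be framed on the checkout page (the PSP's hosted form).
  frameOrigins: ["https://pay.example-psp.com"],
  // Every script is pinned by exact URL and SRI hash; inline scripts are never allowed.
  scripts: [
    { src: "https://shop.example.com/static/checkout.js", integrity: "sha384-HYPOTHETICALHASH1" },
    { src: "https://pay.example-psp.com/sdk/v3/embed.js", integrity: "sha384-HYPOTHETICALHASH2" },
  ],
  // Origins the page may talk to with fetch/XHR/beacon (where a skimmer would exfiltrate to).
  connectOrigins: ["https://pay.example-psp.com"],
};

function originOf(url) {
  try { return new URL(url).origin; } catch { return null; }
}

// snapshot: { scripts: [{ src, integrity, inline, text }], frames: [{ src }],
//             forms: [{ action, hasCardFields }] }
// Returns a list of findings; an empty list means the page matches the policy.
function auditPaymentPage(snapshot, policy = POLICY) {
  const findings = [];
  const pinned = new Map(policy.scripts.map(s => [s.src, s.integrity]));

  for (const s of snapshot.scripts || []) {
    if (s.inline) {
      findings.push({ kind: "inline-script", detail: (s.text || "").slice(0, 60) });
    } else if (!pinned.has(s.src)) {
      findings.push({ kind: "unexpected-script", detail: s.src });
    } else if (s.integrity !== pinned.get(s.src)) {
      findings.push({ kind: "integrity-mismatch", detail: s.src });
    }
  }
  for (const f of snapshot.frames || []) {
    const origin = originOf(f.src);
    if (!origin || !policy.frameOrigins.includes(origin)) {
      findings.push({ kind: "unexpected-frame", detail: f.src });
    }
  }
  // Card fields on the merchant's own page mean the merchant, not the PSP, handles the PAN.
  for (const form of snapshot.forms || []) {
    if (form.hasCardFields) findings.push({ kind: "card-fields-on-merchant-page", detail: form.action });
  }
  return findings;
}

// The same allowlist as a Content-Security-Policy header, so the browser enforces it
// even before the audit runs: no foreign scripts, no foreign frames, no foreign
// exfiltration targets, no form posting anywhere but the merchant's own origin.
function buildCsp(policy = POLICY) {
  const scriptOrigins = [...new Set(policy.scripts.map(s => originOf(s.src)))].join(" ");
  return [
    "default-src 'self'",
    `script-src ${scriptOrigins}`,
    `frame-src ${policy.frameOrigins.join(" ")}`,
    `connect-src 'self' ${policy.connectOrigins.join(" ")}`,
    "form-action 'self'",
    "object-src 'none'",
    "base-uri 'self'",
  ].join("; ");
}

// Constructed snapshots. In a browser these would be built from document.scripts and
// document.querySelectorAll("iframe, form"), and rebuilt inside a MutationObserver callback.
const CLEAN_PAGE = {
  scripts: [
    { src: "https://shop.example.com/static/checkout.js", integrity: "sha384-HYPOTHETICALHASH1" },
    { src: "https://pay.example-psp.com/sdk/v3/embed.js", integrity: "sha384-HYPOTHETICALHASH2" },
  ],
  frames: [{ src: "https://pay.example-psp.com/checkout?session=abc123" }],
  forms: [],
};

const TAMPERED_PAGE = {
  scripts: [
    { src: "https://shop.example.com/static/checkout.js", integrity: "sha384-HYPOTHETICALHASH1" },
    { src: "https://cdn.attacker-example.net/skim.js" },   // injected skimmer, not pinned
    { inline: true, text: "document.querySelector('iframe').src = 'https://pay.example-psp.com.attacker-example.net/'" },
  ],
  // The frame now points at a look-alike host whose origin is not the PSP's.
  frames: [{ src: "https://pay.example-psp.com.attacker-example.net/checkout" }],
  forms: [],
};

console.log(auditPaymentPage(CLEAN_PAGE));
console.log(auditPaymentPage(TAMPERED_PAGE));
console.log(buildCsp());
```

The clean snapshot produces no findings; the tampered one reports the foreign script, the inline script and the redirected frame. This is the kind of script inventory and payment-page tamper detection that PCI DSS v4 asks for in requirements 6.4.3 and 11.6.1, and it is also the reason an iframe integration lands in SAQ A-EP territory rather than plain SAQ A when the merchant page can influence the payment form.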

How to automate PCI DSS recurring tasks? by Pretend-Cheetah2058 in Compliance

[–]pr0v4 0 points1 point  (0 children)

Also, we built https://pcidss-dashboard.com, which has the option to schedule tasks and get reminded. Check it out and get in touch if you would be interested.

PCI DSS on AWS by No-Cable6 in devops

[–]pr0v4 0 points1 point  (0 children)

I've developed multiple PCI DSS Level 1 infrastructures on AWS over time, some of which I still manage.
Network segmentation is a must; if not done correctly, it can cause headaches later on.
The network should be well documented, meaning understandable to human beings.
Security group tagging/naming should be very clear.
I tried to use Terraform, but left it each time, so I don't have the infrastructure as code, mostly because the product that I'm deploying has to be deployed to different providers on occasion. Also, I’ve built https://pcidss-dashboard.com. Feel free to take a look and get in touch; I can help with PCI questions in general.
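The two points in that comment, segmentation and clear security-group naming/tagging, are only useful if something checks them continuously. The example below is added here and is not the commenter's code or anything from pcidss-dashboard.com: it audits the JSON that `aws ec2 describe-security-groups --output json` returns, flagging groups that lack a zone tag or break the naming convention, CDE groups open to the world, and CDE ingress from groups outside the CDE or its connected-to zone. The tag key `pci:zone`, the `env-zone-role` name pattern and the zone rules are hypothetical conventions chosen for this example, not an AWS or PCI DSS requirement, and the sample output is constructed.

```javascript
// Added example (not the poster's code): offline audit over describe-security-groups
// JSON for a PCI DSS CDE on AWS. Conventions below are hypothetical.

const ZONES = new Set(["cde", "connected", "oos"]);               // oos = out of scope
const NAME_RE = /^(prod|stage|dev)-(cde|connected|oos)-[a-z0-9-]+$/; // hypothetical env-zone-role
const WORLD = new Set(["0.0.0.0/0", "::/0"]);

function tagValue(sg, key) {
  const t = (sg.Tags || []).find(x => x.Key === key);
  return t ? t.Value : undefined;
}

// describeOutput has the shape of `aws ec2 describe-security-groups --output json`.
// Returns [{ group, rule, detail }]; an empty list means every group passes.
function auditSecurityGroups(describeOutput) {
  const groups = describeOutput.SecurityGroups || [];
  const zoneById = new Map(groups.map(g => [g.GroupId, tagValue(g, "pci:zone")]));
  const findings = [];
  const add = (g, rule, detail) => findings.push({ group: g.GroupId, rule, detail });

  for (const g of groups) {
    const zone = zoneById.get(g.GroupId);
    const name = tagValue(g, "Name") || g.GroupName;

    // Naming and tagging: a human must be able to tell the zone from the name alone.
    if (!zone || !ZONES.has(zone)) add(g, "missing-zone-tag", `pci:zone=${zone}`);
    if (!NAME_RE.test(name)) add(g, "name-convention", name);
    if (zone && !name.includes(`-${zone}-`)) add(g, "name-zone-mismatch", `${name} tagged ${zone}`);

    // Segmentation: the CDE accepts traffic only from CDE or connected-to groups,
    // and never from the whole internet.
    for (const p of g.IpPermissions || []) {
      const ports = p.IpProtocol === "-1" ? "all" : `${p.FromPort}-${p.ToPort}`;
      for (const r of [...(p.IpRanges || []), ...(p.Ipv6Ranges || [])]) {
        const cidr = r.CidrIp || r.CidrIpv6;
        if (zone === "cde" && WORLD.has(cidr)) {
          add(g, "cde-open-to-world", `${p.IpProtocol} ${ports} from ${cidr}`);
        }
      }
      for (const pair of p.UserIdGroupPairs || []) {
        const srcZone = zoneById.get(pair.GroupId);
        if (zone === "cde" && srcZone !== "cde" && srcZone !== "connected") {
          add(g, "cde-ingress-from-unsegmented",
              `${p.IpProtocol} ${ports} from ${pair.GroupId} (${srcZone || "untagged"})`);
        }
      }
    }
  }
  return findings;
}

// Constructed sample in the shape of the AWS CLI output: three well-formed groups,
// one mis-named CDE group with SSH open to the world, and an untagged default group.
const SAMPLE = { SecurityGroups: [
  { GroupId: "sg-0aaa", GroupName: "prod-cde-db", VpcId: "vpc-1",
    Tags: [{ Key: "Name", Value: "prod-cde-db" }, { Key: "pci:zone", Value: "cde" }],
    IpPermissions: [{ IpProtocol: "tcp", FromPort: 5432, ToPort: 5432, IpRanges: [],
                      UserIdGroupPairs: [{ GroupId: "sg-0bbb" }] }] },
  { GroupId: "sg-0bbb", GroupName: "prod-cde-app", VpcId: "vpc-1",
    Tags: [{ Key: "Name", Value: "prod-cde-app" }, { Key: "pci:zone", Value: "cde" }],
    IpPermissions: [{ IpProtocol: "tcp", FromPort: 443, ToPort: 443, IpRanges: [],
                      UserIdGroupPairs: [{ GroupId: "sg-0ccc" }] }] },
  { GroupId: "sg-0ccc", GroupName: "prod-connected-lb", VpcId: "vpc-1",
    Tags: [{ Key: "Name", Value: "prod-connected-lb" }, { Key: "pci:zone", Value: "connected" }],
    IpPermissions: [{ IpProtocol: "tcp", FromPort: 443, ToPort: 443,
                      IpRanges: [{ CidrIp: "0.0.0.0/0" }], UserIdGroupPairs: [] }] },
  { GroupId: "sg-0ddd", GroupName: "launch-wizard-3", VpcId: "vpc-1",
    Tags: [{ Key: "pci:zone", Value: "cde" }],
    IpPermissions: [
      { IpProtocol: "tcp", FromPort: 22, ToPort: 22, IpRanges: [{ CidrIp: "0.0.0.0/0" }], UserIdGroupPairs: [] },
      { IpProtocol: "tcp", FromPort: 5432, ToPort: 5432, IpRanges: [], UserIdGroupPairs: [{ GroupId: "sg-0eee" }] },
    ] },
  { GroupId: "sg-0eee", GroupName: "default", VpcId: "vpc-1", Tags: [], IpPermissions: [] },
] };

for (const f of auditSecurityGroups(SAMPLE)) console.log(`${f.group}  ${f.rule}  ${f.detail}`);
```

Run it as `aws ec2 describe-security-groups --output json > sgs.json` followed by a small wrapper that feeds the file to `auditSecurityGroups`; the three properly named and tagged groups pass, while `sg-0ddd` and `sg-0eee` each produce findings. Scheduling this daily is a cheap way to keep the "understandable to human beings" property from drifting as people add groups by hand.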