PCI PTS Pre and Post Compliance Testing Companies in 2026

Offensive security firms that test payment devices before and after PCI PTS certification, as distinct from the accredited laboratories that perform the certification itself. These companies are not P

PCI PTS Pre and Post Compliance Testing Companies

Payment-device and embedded penetration testing firm; tests payment terminals beyond PCI PTS certification.

Project-based engagements

View details

Frequently Asked Questions

No. PCA Cyber Security is an offensive security and penetration testing firm, not a PCI Recognized Laboratory, and it does not certify devices to PCI PTS. It became a PCI SSC Associate Participating Organisation in 2026, which is a different status to laboratory accreditation. For formal PCI PTS POI or HSM evaluation, use a PCI Recognized Laboratory (see the main PCI PTS Compliance Testing Companies category).

Pre-compliance testing happens before a device is submitted for formal PCI PTS evaluation, to find and fix vulnerabilities in advance. Post-compliance testing happens after a device has already been PCI PTS approved, to check for real-world weaknesses that certification testing did not cover. Both are offensive security engagements, not certification.