PCI PTS Pre and Post Compliance Testing Companies in 2026
Offensive security firms that test payment devices before and after PCI PTS certification, as distinct from the accredited laboratories that perform the certification itself. These companies are not P
PCI PTS Pre and Post Compliance Testing Companies
Frequently Asked Questions
No. PCA Cyber Security is an offensive security and penetration testing firm, not a PCI Recognized Laboratory, and it does not certify devices to PCI PTS. It became a PCI SSC Associate Participating Organisation in 2026, which is a different status to laboratory accreditation. For formal PCI PTS POI or HSM evaluation, use a PCI Recognized Laboratory (see the main PCI PTS Compliance Testing Companies category).
Pre-compliance testing happens before a device is submitted for formal PCI PTS evaluation, to find and fix vulnerabilities in advance. Post-compliance testing happens after a device has already been PCI PTS approved, to check for real-world weaknesses that certification testing did not cover. Both are offensive security engagements, not certification.