We’re Canada’s Largest Dedicated
PCI Compliance Company
If you accept credit cards as a form of payment, then you need to care about compliance. PCI compliance doesn’t have to be confusing, time consuming and costly – that is, when you have the right company on your side. Control Gap helps you get compliant and stay compliant quickly and effectively!
Trusted by fortune 500 companies, Control Gap is the largest PCI Compliance firm in Canada. We provide customized solutions that you can depend on.
Quick and Easy
Our certified experts make getting compliant easy, leaving you more time to get back to what you do best – running your business.
There are many ways to get compliant, we focus on the compliance solution that makes the most sense for your organization.
Effective and Affordable
We use multiple approaches, technologies and assessment tools; where there’s a simpler, more cost-effective way to do something, our clients are the first to know.
Tired of being confused by compliance?
Contact us today and learn more about how we can help you
Get Compliant. Stay Compliant.
What is PCI Pilot™?
PCI Pilot™ is a web-based application that’s FREE to start! The app focuses on helping smaller and medium-sized businesses simplify and speed up the PCI compliance process by automating the SAQ (Self-Assessment Questionnaire) via an online tool.
Learn More About PCI Pilot™
Why Control Gap?
- We save you time and money
- We help you avoid fines and potential punitive action
- We make compliance understandable
- We are current with all legislation and standards so you don’t have to be
- We are your go-to expert for all your compliance questions and issues
Credentials and Affiliations
- Certified Ethical Hackers (CEH)
- Checkpoint Certified System Engineers (CCSE)
- Certified Technical Trainers (CTT)
- Certified Information Systems Security Professionals (CISSP)
- Certified Information Systems Auditors (CISA)
- Qualified Security Assessor Company (QSAC)
- Payment Application Qualified Security Assessor (PA-QSA)
- Point to Point Encryption Solutions (P2PE QSA)
- Point to Point Encryption Applications (P2PE PA-QSA)
Read More Customer Experiences
Control Gap helped our staff to better understand the audit process & its objectives. We look forward to engaging Control Gap in the future.
(Vice President Technical Services, AJB Software)
We were impressed with Control Gap’s flexibility. They worked around us and they got the job done.
(Founder & CTO, Hosted PCI)
They patiently guided us through the entire audit process and we found them easy to work with, vendor neutral & focused on helping.
(Manager of Information Security & Compliance, Threshold Financial Technologies)
What Is The Difference Between Masking And Truncation In PCI Compliance?
January 17 2017
Masking and truncation of cardholder data may seem the same on the surface (eg. 423456XXXXXX7890); however, each implies different functionality. Masking applies to displays and implies the data can be accessed behind the scenes. Truncation applies to storage and implies the permanent and irrecoverable transformation of the original data. For more see the official PCI
What Is Cardholder Data In PCI Compliance?
January 16 2017
Cardholder data, aka CHD, comes from credit, debit, and prepaid cards bearing the logo of one of the PCI founding card brands. CHD includes the primary account number (PAN) alone or in combination with any of name, expiry date, and a piece of hidden data called a service code. CHD can be in any media