PCI-DSS Development

ZGtec is a PCI-DSS compliant service provider

With web-based security threats on the rise, ZGtec became a Level 1 PCI-DSS web solutions provider in 2012. Our certified team uses secure development best practices to build cardholder data storage systems to meet Payment Card Industry Data Security Standards.

Building PCI-DSS applications can be a very time consuming and expensive endeavor. Whenever possible, we use the knowledge gained in the PCI-DSS certification process to suggest, build and implement online applications that keep our customers’ websites out of the PCI-DSS scope. This means most merchants can de-scope their filings from an SAQ-D to an SAQ-C or even an SAQ-A depending on their circumstances.

Most free secure web development software is not built on security best practices and is often playing catch-up with yesterdays vulnerabilities. We use Zend and MySQL frameworks to deliver true PCI-DSS applications―from the ground up. This ensures in-scope functionality will be limited as much as possible to keep your vulnerability footprint as light as possible.


Paul Fowler and his team at ZGtec are by far the best web development firm we’ve had the opportunity to work with. They’ve helped us take our website to the next level dramatically improving the usability and functionality of our website.
Adam McCurdy Aspen Center for Environmental Studies