PCI SSC QIR

Qualified Integrator and Reseller of the Payment Card Industry Security Standards Council (PCI SSC QIR)

What is a QIR professional? And what does a QIR do?

A PCI-Certified Qualified Integrator and Reseller (QIR) performs so-called “qualified installations” for merchants and service providers. Such installations pertain to payment transaction systems that use credit or debit cards and where access to cardholder data is given.

Qualified Integrators and Resellers - PCI SSC QIR

In other words, wherever you handle your customers’ credit or debit card data, you should have a QIR who will ensure a secure payment environment.

QIR certification is valid for one year before it requires renewal. This is done through relevant training and renewed testing.

Boost security and minimize the risks when your customers make payments by card

A Qualified Integrator and Reseller is key to credit card or debit card payment transactions. QIR professionals help merchants and payment service providers to enhance security when handling payment transaction data, in particular, cardholder data. They are simultaneously tasked with limiting the risk of data loss – or data theft – by means of heightened security checks.

When it comes to data security issues in connection with payment transactions, problems arise mainly due to poor installation and maintenance of the payment system – also on the merchant’s side. 

QIR professionals come with experience. They are specially-trained and certified to install and maintain payment systems on-site with the merchant or service provider. The installations, configurations and checks are carried out in such a way that customer data security is noticeably increased. Any risk faced by the merchant is thus also minimized.

The know-how associated with QIR certification is, however, more generally applicable to a wider area as well; indeed, it is useful wherever important data is processed and/or stored.

Why should you, as a merchant or payment service provider, hire a QIR professional?

A QIR professional is deployed to enhance the security of cardholder data.

In other words, a QIR reduces the likelihood of lost or stolen cardholder data due to poorly configured or installed payment applications.

Not only does a QIR professional serve to protect customer and cardholder data, this individual also protects and upholds the reputation of the merchant or payment service provider. And their capacity to act is safeguarded along with it.

 A QIR professional is thus deployed not only for the benefit of your customers but, above all, for the benefit of your company and its reputation.

What is a “qualified installation”?

A “qualified installation” refers to the installation of a new payment application, its upgrading and/or the maintenance of an existing application by a qualified and licensed individual.

As part of such an installation, a QIR professional is responsible for the following activities:

  • takes charge of the installation all the way to its takeover
  • check and adapts security configurations
  • defines and writes access logic to the application
  • defines the processes (i.e. training the individuals in charge) regarding various security topics
  • prepares an implementation protocol
  • documents potential security risks

Are you a merchant or service provider who needs a QIR professional?

As of the end of 2020, the number of QIR professionals in Europe was in the lower double digits; in German-speaking countries this number was actually only in the low single digits. The good news is that we can put a QIR at your disposal.

We see to it that at least one of our consultants is QIR certified.

Transparency: You can verify the official QIR certification here.

Our currently certified QIR consultant is:

– Hubert Hell

Contact us and find out if your security configurations are up to date and what else you can – and should – be doing.