20NTC Session Proposal

Reducing the Annual PCI Compliance Headaches

Submitted by: Mike Stairs | CanadaHelps


PCI compliance is an annual dance performed by those who process credit card donations. This talk will cover the current state of PCI standards and what it means to those who maintain the infrastructure related to processing these donations. CanadaHelps processed over $140 million in donations in the last year on behalf of Canadian charities. We provide a portal for donors to donate to any Canadian charity, as well as custom donation forms for charities, offline receipt generation, and a donation API. Security is a paramount concern for us, and we work closely with our QSA to ensure compliance and that we follow best industry practices.

This talk will include an overview of the Azure-based credit card tokenization service we created to decrease our PCI scope while maintaining our high standards of security. This is rapidly becoming the preferred industry approach, as some of the previous approaches have become non-compliant. Leveraging our Azure grant, we’ve been able to implement a solution that is robust, scalable, inexpensive, and secure.

Learning Outcomes

  • Describe a case study in decreasing the scope of infrastructure covered by PCI compliance
  • Understand some of the hurdles for PCI compliance
  • Discuss our Azure grant use case


Case Study, Websites






April 13, 2018


1:30pm – 3:00pm



CFRE Credits

NFR - 1.5
