PCI DSS Compliance
Michigan Secure Capital Group Corp. ("MSCG") maintains a cardholder-data environment aligned with PCI DSS v4.0 standards. Through our proprietary CoreArmor™ security protocols, MSCG operates at a level exceeding the requirements of PCI DSS for protecting payment information, networks, and client data.
Scope & Commitment
MSCG does not store full PAN or sensitive authentication data after authorization. All payment activities are conducted via PCI-validated service providers using tokenization and encryption. Our CoreArmor™ framework integrates network segmentation, continuous monitoring, vulnerability testing, and adaptive AI-driven controls.
Key Security Controls
- Firewall segmentation and change management
- FIPS-approved encryption for data in transit and at rest
- Quarterly ASV scans and annual penetration testing
- Role-based access control with MFA and least privilege
- Centralized logging and 24/7 behavioral monitoring
- Vendor and third-party PCI responsibility acknowledgments
Service Providers
All third-party processors used by MSCG maintain current PCI DSS Attestations of Compliance (AOC) and are reviewed annually. Partners must acknowledge shared PCI responsibilities contractually.
Data Retention & Documentation
Any truncated PAN data retained is rendered unreadable and stored only for compliance and reconciliation purposes, with defined retention limits. Full AOC/SAQ documentation is available upon request to authorized parties.
Contact
For PCI DSS verification or security inquiries, please email: [email protected]
Employee & Contractor PCI Handling Agreement
Personnel accessing cardholder data agree to follow MSCG policy, avoid local storage of full PAN/SAD, and immediately report any suspected security incidents.
Vendor PCI Responsibility Acknowledgment
All service providers processing or transmitting cardholder data on behalf of MSCG agree to maintain PCI DSS compliance, provide their AOC upon request, and notify MSCG of any breach within 24 hours.
Disclaimer: MSCG’s CoreArmor™ security framework is designed to align with PCI DSS standards. Formal PCI DSS validation will occur once applicable payment systems are activated.