Featured articles about PCI ComplianceWhy is PCI Compliance Important to my Small Business?
For advice, tips and PCI Compliance Log InPCI Log In
If you have any questions, feel free to give us a call at 1-866-651-3068
According to payment brand rules, all merchants and service providers are required to comply with the PCI DSS in its entirety.There are five SAQ categories, shown briefly in the table below . Use the table to gauge which SAQ applies to your organization.
|A||Card-not-present (e-commerce or mail/telephone-order) merchants, all cardholder data|
functions outsourced. This would never apply to face-to-face merchants.
|B||Imprint-only merchants with no electronic cardholder data storage, or standalone, dial-out terminal merchants with no electronic cardholder data storage|
|C-VT||Merchants using only web-based virtual terminals, no electronic cardholder data storage|
|C||Merchants with payment application systems connected to the Internet, no electronic cardholder data storage|
|D||All other merchants not included in descriptions for SAQ types A through C above, and all service providers defined by a payment brand as eligible to complete a SAQ.|
|P2PE-HW||Merchants using only hardware payment terminals included in a PCI SSC-listed, validated, P2PE solution, no electronic cardholder data storage. This would never apply to e-commerce merchants. |
To learn more you can go to the Official PCI Security Standards Council webpage.