PCI Compliance

Featured articles about PCI Compliance

Why is PCI Compliance Important to my Small Business?

For advice, tips and PCI Compliance Log In

PCI Log In
If you have any questions, feel free to give us a call at 1-866-651-3068

According to payment brand rules, all merchants and service providers are required to comply with the PCI DSS in its entirety.

There are five SAQ categories, shown briefly in the table below . Use the table to gauge which SAQ applies to your organization.






SAQDescription
ACard-not-present (e-commerce or mail/telephone-order) merchants, all cardholder data
functions outsourced. This would never apply to face-to-face merchants.
BImprint-only merchants with no electronic cardholder data storage, or standalone, dial-out terminal merchants with no electronic cardholder data storage
C-VTMerchants using only web-based virtual terminals, no electronic cardholder data storage
CMerchants with payment application systems connected to the Internet, no electronic cardholder data storage
DAll other merchants not included in descriptions for SAQ types A through C above, and all service providers defined by a payment brand as eligible to complete a SAQ.
P2PE-HWMerchants using only hardware payment terminals included in a PCI SSC-listed, validated, P2PE solution, no electronic cardholder data storage. This would never apply to e-commerce merchants.

To learn more you can go to the Official PCI Security Standards Council webpage.