PCI Watch

Tracking changes across the Payment Card Industry

Document Comparison

PCI-DSS-v4_0-AOC-for-SAQ_SPoC.pdf PCI-DSS-v4-0-1-AOC-for-SAQ-SPoC.pdf
96% similar
10 → 10 Pages
1982 → 2061 Words
5 Content Changes

Content Changes

5 content changes. 8 administrative changes (dates, page numbers) hidden.

Added p. 10
Note: The PCI Security Standards Council is a global standards body that provides resources for payment security professionals developed collaboratively with our stakeholder community. Our materials are accepted in numerous compliance programs worldwide. Please check with your individual compliance-accepting organization to ensure that this form is acceptable in its program. For more information about PCI SSC and our stakeholder community please visit: https://www.pcisecuritystandards.org/about_us/.
Modified p. 4
Facility Type Total number of locations (How many locations of this type are in scope) Location(s) of facility (city, country) Example: Data centers 3 Boston, MA, USA Part 2e. Validated Software-based PIN Entry on COTS (SPoC) Solution Provide the following information regarding the validated PCI SSC SPoC solution used by the merchant:
Facility Type Total number of locations (How many locations of this type are in scope) Location(s) of facility (city, country) Example: Data centers 3 Boston, MA, USA Part 2e. Validated Software-based PIN Entry on COTS (SPoC) Solution Provide the following information regarding the validated PCI SSC SPoC solution♦ used by the merchant:
Modified p. 4
SPoC solutions on the PCI list of SPoC Solutions with Expired Validations are no longer considered “validated” per the SPoC Program Guide. Merchants using an expired SPoC solution should check with their acquirer or individual payment brands about acceptability of this SAQ. Find PCI listed products and solutions at “Products and Solutions Listings” on the PCI SSC website (www.pcisecuritystandards.org).
SPoC solutions on the PCI list of SPoC Solutions with Expired Validations are no longer considered “validated” per the SPoC Program Guide. Merchants using an expired SPoC solution should check with their acquirer or individual payment brands about acceptability of this SAQ. Find PCI listed products and solutions at “Products and Solutions Listings” on the PCI SSC website (www.pcisecuritystandards.org).
Modified p. 5
• Manage system components included in the scope of the merchant’s PCI DSS assessment⎯for example, via network security control services, anti-malware services, security incident and event management (SIEM), contact and call centers, web-hosting services, and IaaS, PaaS, SaaS, and FaaS cloud providers.
• Manage system components included in the scope of the merchant’s PCI DSS assessmentfor example, via network security control services, anti-malware services, security incident and event management (SIEM), contact and call centers, web-hosting services, and IaaS, PaaS, SaaS, and FaaS cloud providers.
Modified p. 9
PCI DSS Self-Assessment Questionnaire SPOC, Version 4.0, was completed according to the instructions therein.
PCI DSS Self-Assessment Questionnaire SPOC, Version 4.0.1, was completed according to the instructions therein.