PCI Watch

Tracking changes across the Payment Card Industry

Document Comparison

PCI-DSS-v4-0-AOC-for-SAQ-P2PE.pdf PCI-DSS-v4-0-AOC-for-SAQ-P2PE-r1.pdf
98% similar
10 → 10 Pages
1901 → 1910 Words
5 Content Changes

Content Changes

5 content changes. 9 administrative changes (dates, page numbers) hidden.

Modified p. 5
• Store, process, or transmit account data on the merchant’s behalf (for example, payment gateways, payment processors, payment service providers (PSPs), and off-site storage)
• Store, process, or transmit account data on the merchant’s behalf (for example, payment gateways, payment processors, payment service providers (PSPs), and off- site storage)
Modified p. 6
In Place In Place with In Place with Remediation Not Applicable Not in Place
In Place In Place with CCW Not Applicable Not in Place
Modified p. 8
Compliant: All sections of the PCI DSS SAQ are complete and all requirements are marked as being either 1) In Place, 2) In Place with Remediation, or 3) Not Applicable, resulting in an overall COMPLIANT rating; thereby (Merchant Company Name) has demonstrated compliance with all PCI DSS requirements included in this SAQ.
Compliant: All sections of the PCI DSS SAQ are complete and all requirements are marked as being either 1) In Place, 2) In Place with CCW, or 3) Not Applicable, resulting in an overall COMPLIANT rating; thereby (Merchant Company Name) has demonstrated compliance with all PCI DSS requirements included in this SAQ.
Modified p. 8
Compliant but with Legal exception: One or more requirements in the PCI DSS SAQ are marked as Not in Place due to a legal restriction that prevents the requirement from being met and all other requirements are marked as being either 1) In Place, 2) In Place with Remediation, or 3) Not Applicable, resulting in an overall COMPLIANT BUT WITH LEGAL EXCEPTION rating; thereby (Merchant Company Name) has demonstrated compliance with all PCI DSS requirements included in this SAQ except …
Compliant but with Legal exception: One or more requirements in the PCI DSS SAQ are marked as Not in Place due to a legal restriction that prevents the requirement from being met and all other requirements are marked as being either 1) In Place, 2) In Place with CCW, or 3) Not Applicable, resulting in an overall COMPLIANT BUT WITH LEGAL EXCEPTION rating; thereby (Merchant Company Name) has demonstrated compliance with all PCI DSS requirements included in this SAQ except …
Modified p. 10
PCI DSS Requirement* Description of Requirement Compliant to PCI DSS Requirements (Select One) Remediation Date and Actions (If “NO” selected for any Requirement) YES NO 3 Protect stored account data 9 Restrict physical access to cardholder data.
PCI DSS Requirement* Description of Requirement Compliant to PCI DSS Requirements (Select One) Remediation Date and Actions (If “NO” selected for any Requirement) YES NO 3 Protect stored account data 9 Restrict physical access to cardholder data 12 Support information security with organizational policies and programs * PCI DSS Requirements indicated above refer to the requirements in Section 2 of the SAQ associated with this AOC.