Are merchants using Council-listed P2PE solutions out of scope for PCI DSS?
No. While use of a validated, listed P2PE solution can help to reduce the scope of a merchant?s cardholder data environment, it does not remove the need for PCI DSS …
Recent FAQ Changes RSS
Latest changes to PCI SSC frequently asked questions.
What is a P2PE solution provider?
The P2PE solution provider is a third-party entity (for example, a processor, acquirer, or payment gateway) that has overall responsibility for the design and implementation of a specific P2PE solution, …
What is a point-to-point encryption (P2PE) solution?
A point-to-point encryption (P2PE) solution is provided by a third party solution provider, and is a combination of secure devices, applications and processes that encrypt data from the point of …
What is the Point-to-Point Encryption (P2PE) Standard?
The PCI Point-to-Point Encryption (P2PE) Standard contains detailed security requirements and testing procedures for application vendors and providers of P2PE solutions to ensure that their solutions can meet the necessary …
How do I contact the payment card brands?
Contact details for the payment brands are provided below:
American Express
- Website: www.americanexpress.com/datasecurity
- Email: AmericanExpressCompliance@trustwave.com
Discover - Website: http://www.discovernetwork.com/merchants/data-security/index.html - …
How do I contact the payment card brands?
Contact details for the payment brands are provided below:
American Express
- Website: www.americanexpress.com/datasecurity
- Email: AmericanExpressCompliance@trustwave.com
Discover - Website: http://www.discovernetwork.com/merchants/data-security/index.html - …
How do I contact the payment card brands?
Contact details for the payment brands are provided below:
American Express
- Website: www.americanexpress.com/datasecurity
- Email: AmericanExpressCompliance@trustwave.com
Discover - Website: http://www.discovernetwork.com/merchants/data-security/index.html …
How do I contact the payment card brands?
Contact details for the payment brands are provided below:
American Express
- Website: http://www.americanexpress.com/datasecurity
- Email: AmericanExpressCompliance@trustwave.com
Discover - Website: …
I have had an external vulnerability scan completed by an ASV ? does this mean I am PCI DSS compliant?
PCI DSS Requirement 11.2.2 addresses the need for quarterly external vulnerability scans to be performed by a PCI SSC Approved Scanning Vendor (ASV).The ASV will produce a scan report that …
What is a ?PCI DSS compliance certificate??
In addition to the official PCI SSC reporting forms and templates, some QSA and ASV companies provide certificates, letters or other documentation as confirmation that an organization is PCI DSS …