Recent FAQ Changes RSS

PCI DSS applies to all primary account numbers (PANs) that represent a PCI SSC Participating Payment Brand. This includes PANs that are only provided electronically (virtual PANs) as well as …

PCI DSS applies to all primary account numbers (PANs) that represent a PCI SSC Participating Payment Brand. Whether a one-time PAN is in scope for PCI DSS will depend on …

Each of PCI SSC?s Participating Payment Brand members (American Express, Discover, JCB International, Mastercard, UnionPay, and Visa) currently have their own PCI compliance programs for the protection of their affiliated …

PCI DSS applies for the protection of cardholder data (PAN, cardholder name, service code and expiration date) and sensitive authentication data (full track data from the magnetic stripe or equivalent …

Contact the applicable payment brands and/or acquirer (merchant bank) for more information about PCI compliance programs.

Contact details for the PCI SSC Participating Payment Brands are provided below:

…

For the purposes of the PCI DSS, a merchant is defined as any entity that accepts payment cards bearing the logo of a PCI SSC Participating Payment Brand as payment …

No. It is not acceptable for reports (draft or final) to be issued to clients, acquirers, issuers, or other parties for review/amendment before being sent to payment brands and/or acquirers. …

This FAQ reflects updates as of November 2021 for acceptable truncation formats for different PAN / BIN lengths.

Acceptable truncation formats vary according to PAN length and Participating Payment …

Yes, if the software in question meets all stated eligibility criteria in effect at the time of submission, software-as-a-service may be validated to the Secure Software Standard and listed on …