Deleted FAQs

Events such as these should be accounted for in any service contract you sign with a software vendor. The Council requires that approved PA-QSAs carry appropriate liability insurance.

The Card Production Logical and Physical Security Requirements were published by PCI SSC in 2013, and are intended to provide manufacturers and producers of payment cards with a comprehensive resource …

The current scope of the PCI Security Standards Council does not include approval or identification of businesses approved for forensics investigations. Individual payment brands will continue with their existing processes …

At a high level, adequate network segmentation isolates systems that store, process, or transmit cardholder data from those that do not. Network segmentation can be achieved through a number of …

Please visit www.pcisecuritystandards.org and download/complete the application for joining the Council. Once your application fee is received and your organization has been approved as a new Participating Organization, you will …

The PCI Security Standards Council will not list PCI DSS compliant service providers or merchants on its Web site, since each individual brand is responsible for managing their own PCI …

The term "remote access" refers to access to a computer network from a location outside of that network. Examples of remote access include access from the Internet, an "untrusted" network …

PCI DSS Requirement 3.3 states that PAN must be masked when displayed (the first six and last four digits are the maximum number of digits to be displayed) such that …

The PA-DSS details the requirements a payment application must meet in order to facilitate a customer's PCI DSS compliance. PA-DSS validated payment applications, when implemented in a PCI DSS-compliant environment, …

The role of the Advisory Board will be to provide strategic and technical guidance to the PCI Security Standards Council, reflecting different stakeholder perspectives. The Advisory Board does not have …