STARTING WITH THE BASICS-PCI DSS
Let’s have a little refresher and start with the basics in the New Year 2015. Remember YOU are responsible for your customers’ cardholder data when they decide to use a credit card at your place of business regardless if you store credit card data or not, you must be certified.
Take a look where your business belongs in the guide below and read more about PCI DSS HERE
How do you accept payment cards?
(A) Card-not-present (e-commerce or mail/telephone-order) merchants, all cardholder data functions outsourced. This would never apply to face-to-face merchants.
(B) Imprint-only merchants with no electronic cardholder data storage, or standalone, dial-out terminal merchants with no electronic cardholder data storage.
(C-VT) Merchants using only web-based virtual terminals, no electronic cardholder data storage. NEW!
(C) Merchants with payment application systems connected to the Internet, no electronic cardholder data storage.
(D) All other merchants not included in descriptions for SAQ types A through C above, and all service providers defined by a payment brand as eligible to complete an SAQ.
If you’re unsure of your SAQ status please call my office to discuss your PCI DSS needs and avoid putting your business at risk.