Payment Card Industry Data Security Standards materials
- Visit the PCI Security Standards PCI-DSS Web page for more information and to learn what you should do to be in compliance. Read more about PCI-DSS in our FAQ section on credit card processing.
- PCI-DSS Self Assessment Questionnaires (SAQ)
- SAQ A - Card-not-present (e-commerce or mail/telephone-order) merchants, all cardholder data functions outsourced. This would never apply to face-to-face merchants.
- SAQ B - Imprint-only and stand-alone terminal merchants with no electronic cardholder data storage.
- SAQ C - Merchants with POS systems connected to the Internet, no electronic cardholder data storage.
- SAQ D - All other merchants (not included in Types 1-4 above) and all service providers defined by a payment brand as eligible to complete an SAQ.
- PCI-DSS Prioritized Approach - Provides guidance that will help merchants identify how to reduce risk to card holder data as early on as possible in their compliance journey.