Looking for something?

You will find your answers here!

    Sorry, we didn't find any relevant articles for you.

    Send us your queries using the form below and we will get back to you with a solution.

    My company only uses a website to process credit card payments. Nothing having to do with the credit card payments through that website is on any of my PCs. Do I still need to obtain my PCI Certification?

    Anyone who stores, processes, or transmits credit cards is subject to some sort of certification with respect to PCI. Your customer's credit card information is being entered into an external website (whether by you or your customers) and as such, you, as the Merchant are ultimately responsible for ensuring the data is being handled safely. Fortunately, PCI has regulations in place that also extend to the companies that run these external websites (Service Providers) and they too must receive certification.

    As you complete your PCI-DSS, the Self-Assessment Questionnaire (SAQ) should ask you whether you have validated that the Service Provider you chose is PCI Compliant. With an entirely hosted (SaaS-based) application, that would mean that they would have achieved their PCI-DSS Service Provider Level 1 or Level 2 certification. Level 1 certifications can be verified with Visa or MasterCard.

    Level 2 Service Providers must submit their application through a Level 1 Service Provider to Visa and MasterCard, but should have some confirmation from either the Service Provider or Visa/MasterCard of their Service Level 2 certification and when it expires. As a Merchant, your decision to enlist the services of a Third-Party to store, process or transmit your customers' credit card data does not relieve you of the need to ensure that data is being handled pursuant to the PCI-DSS. The SAQ is the means by which the card brands ensure you remain engaged and are actively involved in ensuring the Service Provider receives/maintains their PCI certification.

    Was this article helpful?

    Still can't find
    what you are looking for?

    Our award-winning customer care team is here for you.

    Contact Support

    Knowledge Base Software by