MasterCard SDA Program:

For MasterCard Inc., compliance and validation includes following its Site Data Protection (SDA) Program, along with the incorporated PCI DSS standards.

The SDA program includes compliance requirements for the following entities:

• Merchants-All merchants must become PCI DSS compliant through completing the PCI Self Assessment, PCI Onsite Assessment and PCI Quarterly Network Scanning. While all merchants are required to comply with the Payment Card Industry Data Security Standard, merchants that store, process or transmit MasterCard account data may also be required to validate compliance with their acquirer.
  
  
• Service Providers-Third Party Processors (TPPs), Data Storage Entities (DSEs). Any service providers that store, process or transmit MasterCard account data on behalf of the merchant must also be compliant.
  
  
• Vendors-Master Card provides a list of Approved Scanning Vendors (ASVs), based on the testing requirements laid out in the PCI DSS standard for ASVs.
  
  
• Acquirers-MasterCard works with acquirers to help the acquirer's merchants obtain SDA certification, as well as PCI DSS certification. The acquirer does not have to go through an SDA certification process, but the acquirer must manage the SDA process for their merchants. The acquirer must certify the merchants' compliance validation tools, as well as registering the merchant with MasterCard.

                    

Print this page

Send this page to a friend

PCI DSS: 5 Guidelines for Gaining PCI Compliance Step 1: An Introduction to PCI Compliance PCI Compliance Introduction Who Put the DSS in PCI? Step 2: Finding The PCI DSS Merchant, Service and Compliance Level Should Your Organization be Concerned about PCI Compliance? PCI DSS: The Visa CISP Program MasterCard SDA Program Defining Merchant Validation Levels Level 4 Merchant Compliance Visa PCI CAP Program Defining Service Provider Validation Levels Acquirer Responsibility Calculating Merchant Transactions PCI DSS: Visa and MasterCard Quick Reference Guide Step 3: Attaining PCI DSS Compliance-Merchant Security Audits: 12 Requirements Build and Maintain a Secure Network Protect Cardholder Data Maintain a Vulnerability Management Program Implement Strong Access Control Measures Regularly Monitor and Test Networks Step 4: Finding a PCI DSS Approved Scanning Vendor (ASV) Do You Need an ASV? Merchant and Service Provider Scanning Requirements Compliance Reporting Visa and Compliance Reporting MasterCard and Compliance Reporting Step 5: Completing the PCI DSS Self Questionnaire Completing the PCI DSS Self Questionnaire PCI Compliance Polls Are you currently PCI Compliant? Yes No Working towards compliance Why are you looking at PCI Compliance Required By Credit Card Processor Required By Bank Want to meet industry standards Looking to secure network What merchant level do you fall under for PCI Compliance? Level 1 Level 2 Level 3 Level 4 I have no idea View PCI Merchant Level Results View All PCI Compliance Poll Results EV SSL Certificate Guide Sponsored Listing: