The Basics of Storing PAN Data While the only Pan you might currently know is Peter, you should also get to know and understand the acronym PAN if your business accepts credit cards. PAN stands for Primary Account Number, and it is a key piece … Read more
“Ask the QSA” Question: My organization is an online service provider. Our customers are merchants (i.e., our customers are receiving the payment through our servers) and the credit card payment storage is done by a Level 1 PCI DSS Validated third party. Does my organization … Read more
Question: We are considering moving a server containing cardholder data to a hosted private cloud provider. Is it necessary that the provider have a PCI DSS assessment of their own and produce an Attestation of Compliance? What if they produce a report from an independent … Read more
Should your business store cardholder data? While the PCI DSS discourages businesses from storing credit card data, many feel the practice is necessary in order to facilitate recurring payments.Here are a few of the related questions we’ve recently received: Question: We store credit card info (number … Read more
Concerned about hotels and front-and-back credit card copies? We regularly hear from consumers who are concerned about the manner in which hotels are collecting credit card information from them, much of which is on paper via Credit Card Authorization forms and front-and-back credit card copies. Here … Read more
Question: I own a small MSP service that offers backup services for customers’ servers. Some of our hospitality customers for which we do nothing but this type of backup believe we need to be PCI compliant. All the data is fully encrypted before it is sent … Read more