Our Service Provider is Compliant, Must Our Organization Be As Well?

December 9, 2014 • Published Categories PCI 101Tags , , , , ,

“Ask the QSA” Question: My organization is an online service provider. Our customers are merchants (i.e., our customers are receiving the payment through our servers) and the credit card payment storage is done by a Level 1 PCI DSS Validated third party. Does my organization … Read more

PCI Compliance and the Service Provider

February 26, 2013 • Published Categories PCI 101Tags , , , , ,

Why Merchant Service Providers Must Commit to Stronger Security The complementary growth in cloud-based services such as data hosting and payment processing has created a new breed of service provider. These service providers and their systems interact with sensitive data from a variety of business … Read more

How ISOs & Acquirers Can Assess, Educate and Protect Their Merchants

August 10, 2011 • Published Categories Acquirer Programs, ArchiveTags , , , , , , , , , , , , ,

The days of simply sending a newsletter or statement stuffer to a merchant describing the PCI requirements may no longer be sufficient to protect the Acquiring community (Sponsor Banks, Processors and ISOs) from the card brand obligations, liability and the impact of state law violations. … Read more