Saturday, January 10, 2009

PCI Compliance for Level 3 Vendor

I'm a level 3, 20K-1M online transactions vendor, none stored.

The requirements for me are, I think:

1. Filling out and sending to my bank a PCI Self-Assessment Questionnaire.
2. A quarterly scan by an approved vendor. Here is a partial list of vendors:

Mcafeesecure.com - 807 322-9965
ControlScan.com
SecurityMetrics.com

3. Ensuring your gateway provider is PCIDSS compliant. Here is where it's a little gray for me. My vendor is not on the list. But, he has submitted a letter to me showing that he is compliant under an arrangement with another company. If I wanted the validity of that reviewed, who would I check with? Am I being too nerdy in wanting to check?

6 comments:

kevinhil123 said...

Thank you for this very useful information.
assignment writing | essay writing | academic writing

Joseph Roolins said...

Thankfulness to my dad who informed me relating to this blog, this website is really amazing. build corporate credit fast

John Brooks said...

Thanks meant for sharing this type of satisfying opinion, written piece is fastidious, that’s why I’ve read it completely. http://www.nomoreh1b.com/greg-jacobs-incredible-dream-machines-review-and-bonus/

Catherine Aird said...

The blog is good enough I again n again read this. goldcross-training.co.uk

Ariel Eckblad said...

Remarkable blog! I have no words to praise, it has really allured me. jan williams

mana76445 said...

Your blogs and its stuff are so notable and worthwhile it can make me return.
credit glory nyc