dbergert
02-05-2008, 03:28 PM
see:
https://www.pcisecuritystandards.org/tech/saq.htm
and:
https://www.pcisecuritystandards.org/pdfs/instructions_guidelines_v1-1.pdf
A: Card-not-present (e-commerce or mail/telephone-order) merchants, all cardholder data functions outsourced. This would never apply to face-to-face merchants.
B : Imprint-only merchants with no electronic cardholder data storage
B : Stand-alone terminal merchants, no electronic cardholder data storage
C: Merchants with POS systems connected to the Internet, no electronic cardholder data storage
D: All other merchants (not included in Types 1-4 above) and all service providers defined by a payment brand as eligible to complete an SAQ.
https://www.pcisecuritystandards.org/tech/saq.htm
and:
https://www.pcisecuritystandards.org/pdfs/instructions_guidelines_v1-1.pdf
A: Card-not-present (e-commerce or mail/telephone-order) merchants, all cardholder data functions outsourced. This would never apply to face-to-face merchants.
B : Imprint-only merchants with no electronic cardholder data storage
B : Stand-alone terminal merchants, no electronic cardholder data storage
C: Merchants with POS systems connected to the Internet, no electronic cardholder data storage
D: All other merchants (not included in Types 1-4 above) and all service providers defined by a payment brand as eligible to complete an SAQ.