Merchant services are provided by PNC Merchant Services Company. The merchant account and other services from PNC Merchant Services Company are not deposit products and are not guaranteed or insured by the FDIC or any other governmental agency. PNC Merchant Services is a registered mark of The PNC Financial Services Group, Inc.
Validating PCI Compliance
How to Validate PCI DSS Compliance
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to help reduce the risk of theft and fraud of customers' sensitive credit and debit card data.
All businesses that accept credit and debit cards must be able to prove that they are in compliance with PCI DSS. This validation consists of the following steps:
All businesses that accept credit and debit cards must be able to prove that they are in compliance with PCI DSS.
1. Completing a Self-Assessment Questionnaire (SAQ) – There are multiple versions of the PCI DSS SAQ designed to meet various business scenarios. Visit www.pcisecuritystandards.org for an overview of the SAQ and guidance to help you choose the right one for your business.
2. Perform Network Vulnerability Scanning – This step may also be required, depending on how you process payments and the type of Internet connection you use. If required, you must use an Approved Scanning Vendor (or ASV) for the scanning. Visit www.pcisecuritystandards.org for a complete list of ASVs.
Performing these two steps will help determine if there are any weaknesses or vulnerabilities in your payment system or network. If weaknesses or vulnerabilities are discovered, they must be resolved before your business can receive PCI DSS certification.