GS Logo
The Green Sheet, Inc

Please Log in

Banner Ad
View Archives

View PDF of this issue

Care to Share?


Table of Contents

Lead Story

Accelerating cash advance

News

Industry Update

On track with a new SAQ

Turbulent negotiations for Hypercom, Ingenico

RevolutionCard, Fifth Third stir the processing pot

State bill clarifies breach obligations

Mobile moves up payments line

Jazz up your game at SEAA

Features

NCR debuts SelfServ ATMs

Tracy Kitten
ATMmarketplace.com

Beacon shining on MLSs

The fight for security - Adapting to new threats

Chris Yaldezian et al
Sterling Commerce

Industry Leader

Marla Knutson –
A glowing payments gem

Views

Cool not enough to propel contactless

Patti Murphy
The Takoma Group

Education

Street SmartsSM:
Back to basics

Dee Karawadra
Impact PaySystem

Merchant tutoring time

Theodore Svoronos
Group ISO

Recruiting is an art form

Nancy Drexler
SignaPay Ltd.

Portfolio sale pitfalls

Adam Atlas
Attorney at Law

ISO compliance challenge

David Mertz
Compliance Security Partners LLC

Company Profile

myARCworld Inc.

New Products

Online survival in the PCI wilderness

PCI Toolkit
CSRSI: The Payment Advisors

Inspiration

The art of charm

Miscellaneous

POScript

Departments

Forum

Resource Guide

Datebook

Skyscraper Ad

The Green Sheet Online Edition

February 25, 2008  •  Issue 08:02:02

previous next

On track with a new SAQ

The payments industry's increasing, and necessary, focus on data security has caused significant grumbling about the PCI PIN Entry Device Security Requirements and the Payment Application (PA) DSS, has updated its Self Assessment Questionnaire (SAQ).

The SAQ is an essential validation tool used by merchants and service providers to demonstrate compliance with the PCI DSS.

The revamped SAQ is designed to simplify and streamline the assessment process and aid small and mid-size merchants who are not required to have on-site PCI compliance assessments. The new SAQ comes in four updated versions tailored specifically for different categories of card acceptors. The upside is that many merchants will no longer have to answer questions about card processing and security systems that don't apply to them.

Conversely, the questions probe harder for weak spots in payment processing software applications - a vulnerable area that some experts believe hasn't received proper attention thus far.

The updated SAQ also aims to bring self-assessments in line with version 1.1 of the PCI standards.

"Inconsistencies between the SAQ and the DSS 1.1 have been addressed," said a PCI SSC representative.

PCI SSC General Manager Bob Russo said with the introduction of the updated SAQ, "merchants will now have a better understanding for the steps necessary to secure their payment data and comply with the PCI DSS." The new SAQ is available now at www.pcisecuritystandards.org/tech/saq.htm. Its four distinct versions include:

The PCI SSC's Web site also contains comprehensive guides and a list of links to help merchants and their service providers better navigate through PCI's murky waters.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

previous next

Spotlight Innovators:

North American Bancard | Harbortouch | USAePay | IRISCRM.COM | Humboldt Merchant Services