{"id":4706,"date":"2020-05-01T21:22:48","date_gmt":"2020-05-01T21:22:48","guid":{"rendered":"http:\/\/www.nodus.com\/blog\/?page_id=4706"},"modified":"2021-06-08T15:59:02","modified_gmt":"2021-06-08T15:59:02","slug":"about-payment-card-industry-pci","status":"publish","type":"page","link":"http:\/\/www.nodus.com\/blog\/about-payment-card-industry-pci\/","title":{"rendered":"About Payment Card Industry (PCI)"},"content":{"rendered":"<p>[vc_row][vc_column][vc_row_inner equal_height=&#8221;yes&#8221; content_placement=&#8221;middle&#8221; el_class=&#8221;epayment&#8221;][vc_column_inner css=&#8221;.vc_custom_1584141923955{background-position: center !important;background-repeat: no-repeat !important;background-size: cover !important;}&#8221;][vc_column_text]<\/p>\n<h2>About Payment Card Industry (PCI)<\/h2>\n<p style=\"text-align: center;\">We have put together a Q&amp;A to help merchants using Microsoft Dynamics learn about Payment Card Industry (PCI) and secure payment processing.<\/p>\n<p>[\/vc_column_text][\/vc_column_inner][\/vc_row_inner][vc_row_inner][vc_column_inner][vc_toggle title=&#8221;What is PCI?&#8221; style=&#8221;simple&#8221; color=&#8221;blue&#8221;]The Payment Card Industry (PCI) Data Security Standards (DSS) are international, technical, and operational requirements set by the PCI Security Standards Council (PCI SSC) to protect credit card data. To learn more, visit their website:\u00a0<a href=\"https:\/\/www.pcisecuritystandards.org\/\">https:\/\/www.pcisecuritystandards.org\/<\/a>.[\/vc_toggle][vc_toggle title=&#8221;What is PA-DSS?&#8221; style=&#8221;simple&#8221; color=&#8221;blue&#8221;]Acronym for Payment Application Data Security Standard, which defines security requirements and assessment procedures for software vendors of payment applications. Use of a PA-DSS compliant application by itself does not make an entity PCI DSS compliant, since that application must be implemented into a PCI DSS compliant environment.[\/vc_toggle][vc_toggle title=&#8221;Who does PCI apply to?&#8221; style=&#8221;simple&#8221; color=&#8221;blue&#8221;]The PCI standards apply to all entities that store, process, or transmit credit cards. This includes merchants, software developers, and manufacturers of applications and devices used in those transactions. In general, PCI Security Standards include:<\/p>\n<ul>\n<li>PCI Data Security Standard (PCI DSS)<\/li>\n<li>PIN Transaction Security Requirements (PTS)<\/li>\n<li>Payment Application Data Security Standards (PA\u2010DSS)<\/li>\n<li>PCI Point\u2010to\u2010Point Encryption Standard (P2PE)<\/li>\n<\/ul>\n<p>[\/vc_toggle][vc_toggle title=&#8221;What is a merchant?&#8221; style=&#8221;simple&#8221; color=&#8221;blue&#8221;]For the purposes of the PCI DSS, a merchant is defined as any entity that accepts payment cards bearing the logos of any of the five members of PCI SSC (American Express, Discover, JCB, MasterCard or Visa) as payment for goods and\/or services. Note that a merchant that accepts payment cards as payment for goods and\/or services can also be a service provider, if the services sold result in storing, processing, or transmitting cardholder data on behalf of other merchants or service providers. For example, an ISP is a merchant that accepts payment cards for monthly billing, but also is a service provider if it hosts merchants as customers.[\/vc_toggle][vc_toggle title=&#8221;What is a service provider?&#8221; style=&#8221;simple&#8221; color=&#8221;blue&#8221;]A business entity that is not a payment brand, but is directly involved in the processing, storage, or transmission of cardholder data on behalf of another entity. This also includes companies that provide services that control or could impact the security of cardholder data. Examples include managed service providers that provide managed firewalls, IDS, etc. as well as hosting providers and other entities. If an entity provides a service that involves only the provision of public network access\u2014such as a telecommunications company providing just the communication link\u2014the entity would not be considered a service provider for that service (although they may be considered a service provider for other services).[\/vc_toggle][vc_toggle title=&#8221;What is a payment application?&#8221; style=&#8221;simple&#8221; color=&#8221;blue&#8221;]In the context of PA-DSS (Payment Application \u2013 Data Security Standards), a software application that stores, processes, or transmits cardholder data as part of authorization or settlement, where the payment application is sold, distributed, or licensed to third parties.[\/vc_toggle][vc_toggle title=&#8221;What is a vulnerability scan?&#8221; style=&#8221;simple&#8221; color=&#8221;blue&#8221;]A vulnerability scan is a computer program designed to assess a merchant or service provider\u2019s systems for flaws or weaknesses which, if exploited, may result in an intentional or unintentional compromise of a system or its data. Vulnerability scans help in validating PCI DSS compliance. PCI DSS Requirement 11.2 requires that external vulnerability scanning be performed quarterly by an approved scanning vendor (ASV). The ASV needs to be qualified by PCI SSC.[\/vc_toggle][vc_toggle title=&#8221;What is an Approved Scanning Vendor (ASV)?&#8221; style=&#8221;simple&#8221; color=&#8221;blue&#8221;]An Approved Scanning Vendor (ASV) is a data security firm using a scanning solution to determine whether or not the customer meets the PCI DSS external vulnerability scanning requirement 11.2. ASVs are qualified by the PCI Security Standards Council to perform external network and system scans required by PCI DSS. ASVs may submit compliance reports to the acquiring institution on behalf of a merchant or service provider, if agreed by the ASV and their customer.[\/vc_toggle][vc_toggle title=&#8221;What is a SAQ?&#8221; style=&#8221;simple&#8221; color=&#8221;blue&#8221;]The Self\u2010Assessment Questionnaire (SAQ) is a validation tool for merchants and service providers to report the results of their PCI DSS self\u2010assessment, if they are not required to submit a Report on Compliance (ROC). The SAQ includes a series of yes\u2010or\u2010no questions for each applicable PCI DSS requirement. If an answer is no, the organization may be required to state the future remediation date and associated actions. There are different SAQs available to meet different merchant environments. If you\u2019re not sure which SAQ would apply to you, contact your acquiring bank or payment card brand for assistance.[\/vc_toggle][vc_toggle title=&#8221;How can Nodus help companies maintain PCI compliance?&#8221; style=&#8221;simple&#8221; color=&#8221;blue&#8221;]All of Nodus\u2019 solutions are PA-DSS certified. Nodus tests every new version of our products before we ever release them to the public. In addition, we offer off-premises storage methods through PayFabric that removes all sensitive payment information from your local environment.<\/p>\n<p><img loading=\"lazy\" class=\"alignnone size-medium wp-image-4713\" src=\"http:\/\/www.nodus.com\/blog\/wp-content\/uploads\/2020\/05\/PCI-Pyramid-300x184.jpg\" alt=\"\" width=\"300\" height=\"184\" srcset=\"http:\/\/www.nodus.com\/blog\/wp-content\/uploads\/2020\/05\/PCI-Pyramid-300x184.jpg 300w, http:\/\/www.nodus.com\/blog\/wp-content\/uploads\/2020\/05\/PCI-Pyramid-1024x628.jpg 1024w, http:\/\/www.nodus.com\/blog\/wp-content\/uploads\/2020\/05\/PCI-Pyramid-768x471.jpg 768w, http:\/\/www.nodus.com\/blog\/wp-content\/uploads\/2020\/05\/PCI-Pyramid-1536x941.jpg 1536w, http:\/\/www.nodus.com\/blog\/wp-content\/uploads\/2020\/05\/PCI-Pyramid-880x539.jpg 880w, http:\/\/www.nodus.com\/blog\/wp-content\/uploads\/2020\/05\/PCI-Pyramid-450x276.jpg 450w, http:\/\/www.nodus.com\/blog\/wp-content\/uploads\/2020\/05\/PCI-Pyramid.jpg 1754w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>For additional reading, check out our whitepaper: <a href=\"http:\/\/www.nodus.com\/blog\/wp-content\/uploads\/2021\/06\/Nodus_PCI-Compliance_Whitepaper.pdf\">PCI Compliance: What It Is and How to Maintain It<\/a>[\/vc_toggle][\/vc_column_inner][\/vc_row_inner][\/vc_column][\/vc_row]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[vc_row][vc_column][vc_row_inner equal_height=&#8221;yes&#8221; content_placement=&#8221;middle&#8221; el_class=&#8221;epayment&#8221;][vc_column_inner css=&#8221;.vc_custom_1584141923955{background-position: center !important;background-repeat: no-repeat !important;background-size: cover !important;}&#8221;][vc_column_text] About Payment Card Industry (PCI) We have put together a Q&amp;A to help merchants using Microsoft Dynamics learn about Payment Card Industry (PCI) and secure payment processing. [\/vc_column_text][\/vc_column_inner][\/vc_row_inner][vc_row_inner][vc_column_inner][vc_toggle title=&#8221;What is PCI?&#8221; style=&#8221;simple&#8221; color=&#8221;blue&#8221;]The Payment Card Industry (PCI) Data Security [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"cybocfi_hide_featured_image":""},"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v18.8 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>About Payment Card Industry (PCI) - Nodus<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/www.nodus.com\/blog\/about-payment-card-industry-pci\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"About Payment Card Industry (PCI) - Nodus\" \/>\n<meta property=\"og:description\" content=\"[vc_row][vc_column][vc_row_inner equal_height=&#8221;yes&#8221; content_placement=&#8221;middle&#8221; el_class=&#8221;epayment&#8221;][vc_column_inner css=&#8221;.vc_custom_1584141923955{background-position: center !important;background-repeat: no-repeat !important;background-size: cover !important;}&#8221;][vc_column_text] About Payment Card Industry (PCI) We have put together a Q&amp;A to help merchants using Microsoft Dynamics learn about Payment Card Industry (PCI) and secure payment processing. [\/vc_column_text][\/vc_column_inner][\/vc_row_inner][vc_row_inner][vc_column_inner][vc_toggle title=&#8221;What is PCI?&#8221; style=&#8221;simple&#8221; color=&#8221;blue&#8221;]The Payment Card Industry (PCI) Data Security [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"http:\/\/www.nodus.com\/blog\/about-payment-card-industry-pci\/\" \/>\n<meta property=\"og:site_name\" content=\"Nodus\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/floridatitleinsurancecompany\/\" \/>\n<meta property=\"article:modified_time\" content=\"2021-06-08T15:59:02+00:00\" \/>\n<meta property=\"og:image\" content=\"http:\/\/www.nodus.com\/blog\/wp-content\/uploads\/2020\/05\/PCI-Pyramid-300x184.jpg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@OlympiaAli22\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.nodus.com\/blog\/#organization\",\"name\":\"Olympia Title & Escrow - Florida Title Insurance and Escrow Agency\",\"url\":\"https:\/\/www.nodus.com\/blog\/\",\"sameAs\":[\"https:\/\/www.facebook.com\/floridatitleinsurancecompany\/\",\"https:\/\/twitter.com\/OlympiaAli22\"],\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.nodus.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"\",\"contentUrl\":\"\",\"caption\":\"Olympia Title & Escrow - Florida Title Insurance and Escrow Agency\"},\"image\":{\"@id\":\"https:\/\/www.nodus.com\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.nodus.com\/blog\/#website\",\"url\":\"https:\/\/www.nodus.com\/blog\/\",\"name\":\"Olympia Title and Escrow Florida Title Insurance Escrow Agency\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.nodus.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.nodus.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"http:\/\/www.nodus.com\/blog\/about-payment-card-industry-pci\/#primaryimage\",\"url\":\"http:\/\/www.nodus.com\/blog\/wp-content\/uploads\/2020\/05\/PCI-Pyramid.jpg\",\"contentUrl\":\"http:\/\/www.nodus.com\/blog\/wp-content\/uploads\/2020\/05\/PCI-Pyramid.jpg\",\"width\":1754,\"height\":1075},{\"@type\":\"WebPage\",\"@id\":\"http:\/\/www.nodus.com\/blog\/about-payment-card-industry-pci\/#webpage\",\"url\":\"http:\/\/www.nodus.com\/blog\/about-payment-card-industry-pci\/\",\"name\":\"About Payment Card Industry (PCI) - Nodus\",\"isPartOf\":{\"@id\":\"https:\/\/www.nodus.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"http:\/\/www.nodus.com\/blog\/about-payment-card-industry-pci\/#primaryimage\"},\"datePublished\":\"2020-05-01T21:22:48+00:00\",\"dateModified\":\"2021-06-08T15:59:02+00:00\",\"breadcrumb\":{\"@id\":\"http:\/\/www.nodus.com\/blog\/about-payment-card-industry-pci\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/www.nodus.com\/blog\/about-payment-card-industry-pci\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/www.nodus.com\/blog\/about-payment-card-industry-pci\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.nodus.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"About Payment Card Industry (PCI)\"}]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"About Payment Card Industry (PCI) - Nodus","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/www.nodus.com\/blog\/about-payment-card-industry-pci\/","og_locale":"en_US","og_type":"article","og_title":"About Payment Card Industry (PCI) - Nodus","og_description":"[vc_row][vc_column][vc_row_inner equal_height=&#8221;yes&#8221; content_placement=&#8221;middle&#8221; el_class=&#8221;epayment&#8221;][vc_column_inner css=&#8221;.vc_custom_1584141923955{background-position: center !important;background-repeat: no-repeat !important;background-size: cover !important;}&#8221;][vc_column_text] About Payment Card Industry (PCI) We have put together a Q&amp;A to help merchants using Microsoft Dynamics learn about Payment Card Industry (PCI) and secure payment processing. [\/vc_column_text][\/vc_column_inner][\/vc_row_inner][vc_row_inner][vc_column_inner][vc_toggle title=&#8221;What is PCI?&#8221; style=&#8221;simple&#8221; color=&#8221;blue&#8221;]The Payment Card Industry (PCI) Data Security [&hellip;]","og_url":"http:\/\/www.nodus.com\/blog\/about-payment-card-industry-pci\/","og_site_name":"Nodus","article_publisher":"https:\/\/www.facebook.com\/floridatitleinsurancecompany\/","article_modified_time":"2021-06-08T15:59:02+00:00","og_image":[{"url":"http:\/\/www.nodus.com\/blog\/wp-content\/uploads\/2020\/05\/PCI-Pyramid-300x184.jpg"}],"twitter_card":"summary_large_image","twitter_site":"@OlympiaAli22","twitter_misc":{"Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/www.nodus.com\/blog\/#organization","name":"Olympia Title & Escrow - Florida Title Insurance and Escrow Agency","url":"https:\/\/www.nodus.com\/blog\/","sameAs":["https:\/\/www.facebook.com\/floridatitleinsurancecompany\/","https:\/\/twitter.com\/OlympiaAli22"],"logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.nodus.com\/blog\/#\/schema\/logo\/image\/","url":"","contentUrl":"","caption":"Olympia Title & Escrow - Florida Title Insurance and Escrow Agency"},"image":{"@id":"https:\/\/www.nodus.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"WebSite","@id":"https:\/\/www.nodus.com\/blog\/#website","url":"https:\/\/www.nodus.com\/blog\/","name":"Olympia Title and Escrow Florida Title Insurance Escrow Agency","description":"","publisher":{"@id":"https:\/\/www.nodus.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.nodus.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","inLanguage":"en-US","@id":"http:\/\/www.nodus.com\/blog\/about-payment-card-industry-pci\/#primaryimage","url":"http:\/\/www.nodus.com\/blog\/wp-content\/uploads\/2020\/05\/PCI-Pyramid.jpg","contentUrl":"http:\/\/www.nodus.com\/blog\/wp-content\/uploads\/2020\/05\/PCI-Pyramid.jpg","width":1754,"height":1075},{"@type":"WebPage","@id":"http:\/\/www.nodus.com\/blog\/about-payment-card-industry-pci\/#webpage","url":"http:\/\/www.nodus.com\/blog\/about-payment-card-industry-pci\/","name":"About Payment Card Industry (PCI) - Nodus","isPartOf":{"@id":"https:\/\/www.nodus.com\/blog\/#website"},"primaryImageOfPage":{"@id":"http:\/\/www.nodus.com\/blog\/about-payment-card-industry-pci\/#primaryimage"},"datePublished":"2020-05-01T21:22:48+00:00","dateModified":"2021-06-08T15:59:02+00:00","breadcrumb":{"@id":"http:\/\/www.nodus.com\/blog\/about-payment-card-industry-pci\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["http:\/\/www.nodus.com\/blog\/about-payment-card-industry-pci\/"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/www.nodus.com\/blog\/about-payment-card-industry-pci\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.nodus.com\/blog\/"},{"@type":"ListItem","position":2,"name":"About Payment Card Industry (PCI)"}]}]}},"_links":{"self":[{"href":"http:\/\/www.nodus.com\/blog\/wp-json\/wp\/v2\/pages\/4706"}],"collection":[{"href":"http:\/\/www.nodus.com\/blog\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"http:\/\/www.nodus.com\/blog\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"http:\/\/www.nodus.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.nodus.com\/blog\/wp-json\/wp\/v2\/comments?post=4706"}],"version-history":[{"count":0,"href":"http:\/\/www.nodus.com\/blog\/wp-json\/wp\/v2\/pages\/4706\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.nodus.com\/blog\/wp-json\/wp\/v2\/media?parent=4706"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}