Professional Documents
Culture Documents
Payment Card Industry Pci Standards
Payment Card Industry Pci Standards
Obligations
Payment Card Industry (PCI)
Standards
1. Attain Card Data The Supplier shall comply with the current versions of the PCI This is important to protect cardholder data.
Compliance Standards as issued by the Payment Card Industry Security
The recognised standard to achieving the protection of
Standards Council (PCISSC), such as:
cardholder data is the PCI DSS, which is a global
Payment Card Industry Data Security Standard (PCI-DSS) industry regulatory requirement.
Payment Application Data Security Standard (PA-DSS)
Payment Card Industry Point-to-Point Encruption (PCI- PCI Standards are technical and operational
P2PE) requirements that are set by the PCISSC to protect
Payment Card Industry PIN Transaction Security (PCI-PTS) cardholder data.
Payment Card Industry Card Production (PCI-CP)
Etc. Evidence: Certificate of Compliance issued by the
Quality Service Auditor (QSA)
2. Supplier The Supplier shall provide an Attestation of Compliance (AoC) Evidence that a supplier has attained the relevant Card
Attestation and Report on Compliance (RoC) or Self-Assessment Data compliance for the scope of the services provided
Attestation (SAA), applicable to the scope of the services to Absa Group and adhered to the requirements.
provided to Absa Group, pre-contract and annually thereafter.
This must be in accordance with the PCISSC requirements, see Evidence: Attestation of adherance to PCI Standards
www.pcisecuritystandards.org.