PCI COMPLIANCE

PCI COMPLIANCE

PCI Compliance Answers

UNDERSTANDING PCI & ATTESTATION OF COMPLIANCE

Ensuring the security of credit card transactions is paramount. The Payment Card Industry (PCI) standards, governed by the PCI Council, are in place to safeguard cardholder data. The Availability Exchange Gateway adheres to these rigorous standards, as evidenced by our Attestation of Compliance (AoC). Here are answers to questions we commonly get related to PCI and AoC.

What is PCI?

PCI" simply stands for Payment Card Industry. This industry includes all the various organizations responsible for storing, transmitting and/or processing card and cardholder data for both debit and credit cards. It is directed by the PCI Council, which is composed of the major card brands. They set security standards for all businesses that accept, process, create or transfer credit card information (including virtual cards). You need to be PCI Compliant to do business through Availability Exchange Gateway.

What is an AoC?

A PCI Attestation of Compliance is an official document from the PCI Council that attests an organization's compliance status. It serves as evidence that an organization upholds security best practices to protect and secure sensitive data, primarily credit card data.

How Do I Get an AoC?

If you do not have an AoC completed by a Qualified Security Assessor (QSA), you may obtain a self-assessment AoC as follows:

  • Complete one of the official questionnaires (probably an SAQ-D). Note that this document is generally a private, confidential document for your own use, not one to share with third parties.
  • Go to the PCI Document Library, and select "SAQS" from the "filter by" menu. 
  • Pick the AoC for whichever SAQ questionnaire you completed and send it to us as your self-attestation.
Share by: