Which SAQ should we use if we are a retailer with online and physical presence? We use PA-DSS compliant POS terminals, PCI-DSS compliant payment page/gateway and process over 2 million transactions.
How is it possible to be a PCI DSS SAQ A and accounting laws compliant? SAQ A restricts retaining cardholder data electronically from the payment gateway. For accounting purposes, I need a receipt containing the cardholder’s name.?
Apologies for delayed response. SAQ A doesn't restrict anything, it asks for data to be retained only by those who need it and only to the extent needed. If you are storing only cardholder's name, it doesn't come in scope for PCI DSS / SAQ A. Hope this helps
![F.HERO Ft. JSPKK x ลำไย ไหทองคำ x M-PEE - ไม่สนิทบิดหมด (Thai Riders Anthem) [Official MV]](http://i.ytimg.com/vi/kPJZ0UihBfk/mqdefault.jpg)
![เปิด อาณาจักร หมื่นล้าน "สาระตั้ม" l [Nickynachat]](http://i.ytimg.com/vi/3XE0nPF4YkQ/mqdefault.jpg)
Which SAQ should we use if we are a retailer with online and physical presence? We use PA-DSS compliant POS terminals, PCI-DSS compliant payment page/gateway and process over 2 million transactions.
How is it possible to be a PCI DSS SAQ A and accounting laws compliant? SAQ A restricts retaining cardholder data electronically from the payment gateway. For accounting purposes, I need a receipt containing the cardholder’s name.?
Apologies for delayed response. SAQ A doesn't restrict anything, it asks for data to be retained only by those who need it and only to the extent needed. If you are storing only cardholder's name, it doesn't come in scope for PCI DSS / SAQ A. Hope this helps
Very helpful
Glad you think so!