What is the role of acquirers and assessors in determining the applicability of PCI DSS requirements for a merchant’s PCI DSS assessment?
Are PFIs required to fill out all the fields in the Final PFI Report?
What does “Servicing Markets” on the QSA listing mean?
Does a QSA need to be onsite at the client’s premises for all aspects of a PCI DSS assessment?
If a merchant develops an application that runs on a consumer’s device (e.g. smartphone, tablet, or laptop) that is used to accept payment card data, what are the merchant’s obligations regarding PCI DSS and PA-DSS for that application?
What are acceptable formats for truncation of primary account numbers?
In what circumstances is multi-factor authentication required?
Are audio/voice recordings permitted to contain sensitive authentication data?
How does use of an expired PTS device affect my PCI DSS compliance?
