While the PCI SSC manages the security standards and provides training for security assessors, we do not enforce compliance or define validation reporting requirements. Compliance validation programs are maintained by the individual payment brands, including requirements on how and who needs to validate compliance. The PCI SSC recommends that entities contact their acquirer and/or the payment brands directly, as applicable, to understand their validation reporting requirements. Please contact the payment brands directly.
Article Number 1213