Diff: FAQ #1044

Do ISPs that provide only internet connection need to comply with the PCI DSS?

Earlier Version
2009-03-13T00:00:00+00:00

Later Version
2012-04-13T00:08:00+00:00

Removed

Added

If the ISP only provides a ~~?pipe?~~"pipe" for internet access, then it is not considered a service provider and is not subject to PCI DSS compliance. However, if the ISP is providing additional services such as firewalls or hosting functions, it is considered a service provider and would need to comply with the PCI DSS.

Disclaimer: This FAQ has been processed for display on this website and may contain errors. Please check the original FAQ on the PCI SSC website for the authoritative version.