Diff: FAQ #1163
Is a ?P2PE Assessor? required for a merchant?s PCI DSS assessment if the merchant uses a Council-listed P2PE solution?
Earlier Version
Later Version
Removed
Added
No, merchants using PCI-listed P2PE solutions are not required to engage a P2PE assessor [that is, a QSAP2PE (P2PE)Assessor or PA-QSAP2PE (P2PE)]Application Assessor] for their PCI DSS assessments.
Merchants should contact their acquirer (merchant bank) or payment brand(s) directly to understand their PCI DSS validation requirements. See FAQ 1142 How do I contact the payment card brands? for information regarding contacting the payment brands.
Merchants wishing to engage a QSA for their PCI DSS review can find a list of QSAs on the PCICouncilSSC websiteweb site - https://www.pcisecuritystandards.org/approved_companies_providers/qsa_companies.php
Merchants should contact their acquirer (merchant bank) or payment brand(s) directly to understand their PCI DSS validation requirements. See FAQ 1142 How do I contact the payment card brands? for information regarding contacting the payment brands.
Merchants wishing to engage a QSA for their PCI DSS review can find a list of QSAs on the PCI
Disclaimer: This FAQ has been processed for display on this website and may contain errors. Please check the original FAQ on the PCI SSC website for the authoritative version.