PCI Watch

Tracking changes across the Payment Card Industry
ℹ️
Reference Content: This is a copy of content from the PCI Security Standards Council FAQ database, preserved for tracking changes over time.
View Original →
FAQ #1216 Published

Does the PCI DSS apply to acquirers?

PCI DSS applies to any entity that stores, processes, or transmits cardholder data and any such entity is expected to comply with PCI DSS, including acquirers. However, each payment card brand manages their own PCI DSS compliance programs that may include, for example, who must validate compliance, merchant and service provider levels, and due dates. At their discretion, payment card brands may require acquirers to validate PCI DSS compliance. For more specific information on PCI DSS compliance validation requirements, please contact the payment brands directly.
 

View original on PCI SSC website View all versions Back to recent changes

Disclaimer: This FAQ has been processed for display on this website and may contain errors. Please check the original FAQ on the PCI SSC website for the authoritative version.