thePCI Portal

New SAQs and guidance PCI V3.1

… light at the end of SAQ A web server security tunnel…

As of April 24th, there are new SAQs for PCI DSS V3.1. This includes a new document titled “SAQ Instructions and Guidelines v3.1” and a revision to the May 2014 document titled: “Understanding SAQs for PCI DSS v3“.

A little more fuel for the SAQ A vs SAQ A-EP fire is included so I updated the list of supporting info in the “SAQ A vs A-EP – lots of links” post.  SAQ A is good for iFrames and redirects, SAQ A-EP includes the controls for the webserver.

It looks like there might be a small mistake in the SAQ A-EP eligibility criteria.   Although the council removed this from the table in the “Understanding the SAQs for PCI DSS v3″ doc, it was not removed from the criteria for SAQ A-EP v3.1:
“Your e-commerce website does not receive cardholder data but controls how consumers, or their cardholder data, are redirected to a PCI DSS validated third-party payment processor;”

When consumers are redirected, it appears to be clearly a SAQ A, so this criteria might be reworded.   I can see more evolution coming here in the future and light at the end of the tunnel.

Ad below this line:

8 comments for “New SAQs and guidance PCI V3.1

  1. July 2, 2015 at 11:58 am

    Effort always takes care of and I do believe you’re writing is an ideal example.

      September 17, 2015 at 3:04 pm

      (your not your’re). Takes care of what? SL.

  2. July 28, 2015 at 7:52 am

    The formatting of your post is great. Easy to see, digest and share.

      September 17, 2015 at 3:04 pm

      Thanks, but please don’t eat the content. SL.

  3. October 26, 2015 at 7:12 am

    Hey, you used to write fantastic, but the last few posts have been kinda boring… I miss your super writings. Past several posts are just a bit out of track! come on!

    • thePCIportal
      December 4, 2015 at 4:11 pm

      Thanks for the feedback. Working on it! Doc says it may have been prescription related. Look forward to your thoughts in the future. S.

  4. October 31, 2015 at 10:50 pm

    I simply want to mention I’m newbie to weblog and really liked your page. Very likely I’m going to bookmark your website . You amazingly come with superb articles and reviews. Thank you for sharing your web-site.

    • thePCIportal
      December 4, 2015 at 4:08 pm

      Thanks much! I really hope you ended up doing the bookmark thing! I know its a big commitment, but hey, you are worth it! S.

Leave a Reply

Your email address will not be published. Required fields are marked *