APPENDIX C: SAQ & TRUSTWAVE SCAN REQUIREMENTS

Merchant guide to SAQ selection and external scanning requirements.

SAQ Version

Description

No. of Questions

Scanning Required?

Processing Examples

A

e-Commerce, fully outsourced - Card Not Present

14

No

*Converge HPP or Authorize.net
(iFrame or Redirect)

A_EP

e-Commerce, website can impact security of payment transaction

139

Yes

Direct Post or API e-Commerce solution

B

Standalone dial-up and cellular terminals

41

No

*Verifone Vx520 or Ingenico iCT 250

B_IP

Standalone PTS-approved terminals (IP)

83

Yes

Vx520, iCT 250 (IP connection)

C_VT

Virtual Terminals with keyboard entry

73

No

*Converge Virtual Terminal

C

Payment application connected to network (IP)

139

Yes

POS system, CHD environment segmented

D

All other merchants

326

Yes

POS system, e-Commerce collecting CHD

*Preferred method recommended by the University

 


 

  1. Policy
  2. Purpose
  3. General Responsibilities
  4. Merchant Responsibilities
  5. New Merchant Accounts
  6. Established Merchant Accounts
  7. Universal Compliance Requirements
  8. Important Links for Merchants

APPENDIX A:  12 PRIMARY REQUIREMENTS OF PCI DATA SECURITY STANDARDS
APPENDIX B:  MERCHANT LEVELS DEFINED - COMPLIANCE VALIDATION REQUIREMENTS
APPENDIX C:  SAQ & TRUSTWAVE SCAN REQUIREMENTS