What is PCI compliance?

Self Assessment Questionnaire (SAQ) for Payment Card Industry Data Security Standards

Angela avatar
Written by Angela
Updated over a week ago

While Schedulicity does not store any credit card data, rest assured our payment processor is absolutely PCI compliant and securely processes your credit card transactions.

Our payment integration was designed to give businesses the assurance of PCI security, so they can focus on all the things that makes their business boom! ๐Ÿ’ฅ

Jump to a section in this article:

What is PCI Compliance?

PCI-DSS Compliance is a credit card industry acronym that stands for Payment Card Industry Data Security Standard, and it's important for any business looking to accept, store, and process card payments through means of internet-based payments.

These guidelines were created to ensure a level of protection for consumers, businesses, and banks from online fraud and data breaches during this ever-growing internet era. This means that all businesses should practice a set of PCI standards as well as host their data securely with a PCI compliant hosting provider. That PCI compliant hosting provider for Schedulicity is our Payment Processor, Adyen

While PCI compliance is not required by law it is, however, required by credit card companies to make online transactions secure and protect them against identity theft. Any business that wants to process, store, or transmit credit card data is required to be PCI compliant, according to the PCI Compliance Security Standard Council.

If you're curious about what those requirements are, see them listed below:

  1. Install and maintain a firewall configuration to protect cardholder data

  2. Do not use vendor-supplied defaults for system passwords and other security parameters

  3. Protect stored cardholder data

  4. Encrypt transmission of cardholder data across open, public networks

  5. Use and regularly update antivirus software

  6. Develop and maintain secure systems and applications

  7. Restrict access to cardholder data by business need-to-know

  8. Assign a unique ID to each person with computer access

  9. Restrict physical access to cardholder data

  10. Track and monitor all access to network resources and cardholder data

  11. Regularly test security systems and processes

  12. Maintain a policy that addresses information security

Why do I need to acknowledge my PCI compliance?

What's a SAQ-A? SAQ stands for "Self Assessment Questionnaire," and it's a handy self-validation tool intended to assist businesses and service providers evaluate their compliance with the Payment Card Industry Data Security Standard, otherwise known as PCI DSS. SAQs are designed to help you report the results of your PCI DSS self-assessment and it's important that you meet all of the standards for a specific SAQ. There are many different types of SAQ forms and it can get confusing if you're trying to go about this on your own.

Fortunately, upon approval for our Schedulicity Pay, you pre-fill the SAQ from our partner, review and accept during the application process.

Did this answer your question?