Wednesday, June 17, 2009

PCI DSS Marches On: Level 2 Merchant to Require A Site Assessment


Branden alerted "the whole wide PCI DSS realm" today with this: "NEWS FLASH: MasterCard Requires On-Site QSA for Level 2 Merchants."

This has been rumored for a while, and turned out to be true. Here is a relevant updated table from the Mastercard site:


Obviously, awesome news for security! Now folks who are hell-bent on not having any concerns for customer data will need to deceive an actual live QSA rather than simply lie on their SAQ...

Dr Anton Chuvakin