As the Payment Card Industry (PCI) rapidly expanded, the Payment Card Industry Security Standards Council (PCI SSC) developed a set of requirements called the Payment Card Industry Data Security Standard (PCI DSS). These specifications ensure all companies that process, store or transmit credit card information maintain a secure environment. PCI applies to all organizations or merchants that accept, transmit or store cardholder data, regardless of size or number of transactions.
Different expectations apply to merchants so PCI has structured 4 categories and 8 validation levels to accommodate the various scenarios.
Because SiteSpect does not accept payment, we are not classified as a Merchant but as a Service Provider. As such, we have completed SAQ D for service providers as our unique proxy-based approach makes us a peripheral participant.
Get more information about PCI Compliance here.