PCI Compliance Scanning & SAQ
Making compliance easy...
| Sign up now and get your SAQ compliance certificate online quickly and easily for your merchant bank. | Sign up now for both the SAQ Compliance certificate and your PCI Scan Compliance certificate. | 
|
 |
Free PCI Scanning, Is It Worth It?
When a business makes the decision to sell goods or services on the internet, it must obtain a merchant service account from a bank or financial institution. But before a company can be approved, it must demonstrate that it has a secure website that can protect the financial information of its customers from internet criminals.
The Payment Card Industry Data Security Standard (PCI DSS) was designed to ensure that companies can fulfill their obligation to their customers. In this article we will discuss one important component of the security validation process, the PCI scan.
But before we begin, it is important to note that not all online merchants are required to pass a scan. In fact, only businesses that have external facing IP addresses must complete one. For those that do not speak techno babble, this simply means that if you store or save cardholder information of any kind on your servers, your website must submit to a scan. These scans must be administered by an Approved Scanning Vendor (ASV). But do not fret, there is free PCI Scanning available on the internet, however you will soon be asked to pay for the service and often these charges are much higher than other so-called non free.
How important is it? When it comes to PCI compliance, there are three basic validation tools that online merchants are required to pass. There is the Self-Assessment Questionnaire, which can be completed by the Quality Security Assessor (QSA) or for smaller merchants with less funds they should use the online wizard which takes the complication out of this process, and then there is the PCI vulnerability scan.
Of these essential validation tools, only the PCI vulnerability scan must be completed by companies on a quarterly basis. The SAQ is an annual requirement. The reason for this is simple: the scan is the most direct and comprehensive tool for validating the security of your website. And since it can be completed in a matter of minutes, it is also the most convenient.
The penalties for failing to complete a quarterly scan are quite stiff. An online merchant may be assessed and later imposed a fine of five thousand pounds or more and they may lose their merchant service account altogether.
Most importantly try to avoid being sucked into using a so-called free scanning service which will give you very limited scans then demand a payment. We offer unlimited scans once you have signed up and paid and this is just one of the advantages we have over competitors who offer a few free scans then demand payment but then limit you to 10 scans (for the paid version) which soon run out leaving you yet again at the payment page!