Frequently Asked Question
How do I contact the payment card brands?
Contact the applicable payment brands and/or acquirer (merchant bank) for more information about PCI compliance programs.
Contact details for the PCI SSC Participating Payment Brands are provided below:
American Express
Website: http://www.americanexpress.com/datasecurity
Email: AmericanExpressCompliance@securetrust.com
Discover
Website: https://www.discovernetwork.com/en-us/
For questions about the DISC program:
https://www.discovernetwork.com/en-us/business-resources/fraud-security/pci-rules-regulations/
Email: DISCCompliance@discover.com
JCB
Website: http://www.global.jcb/en/products/security/data-security-program/
Email: riskmanagement@info.jcb.co.jp
Mastercard
Website: http://www.mastercard.com/sdp
Email: sdp@mastercard.com
UnionPay
Visa
Asia Pacific
For Merchant Requirements
Website: https://www.visa.com.sg/support/small-business/security-compliance.html
Email: vpssais@visa.com
For Service Provider Requirements
Website: https://www.visa.com.sg/partner-with-us/pci-dss-compliance-information.html
Email: pciagents@visa.com
Canada and the U.S.
Website: http://www.visa.com/cisp
Email: cisp@visa.com
Central Europe, Middle East, & Africa
Website: http://www.visa.com/cisp
Email: pcicemea@visa.com
Europe
Website: http://www.visaeurope.com/ais
Email: datasecuritystandards@visa.com - for member and merchant requirements
Email: pcidsseurope@visa.com - for service provider requirements
Latin America and the Caribbean
Website: http://www.visa.com/cisp
Email: aislac@visa.com
Visa PIN Security Program
Website: http://www.visa.com/pin
______________________________________________________________
For information about PCI SSC Affiliate Members, please refer to the
following link: https://www.pcisecuritystandards.org/get_involved/affiliate_members.php
January 2024
Article Number: 1142
Related
-
What evidence is a TPSP expected to provide to customers to demonstrate PCI DSS compliance?
-
Does PCI SSC consider guidance from other standards organizations when making updates to PCI standards?
-
If an organization provides software or functionality that runs on a consumer's device (for example, smartphones, tablets, or laptops) and is used to accept payment account data, can the organization store card verification codes for those consumers?
Featured FAQ Articles
Featured
-
Do PCI DSS requirements for keyed cryptographic hashing apply to previously hashed PANs?
-
Is the PCI DSS Attestation of Compliance intended to be shared?
-
How does an entity report the results of a PCI DSS assessment for new requirements that are noted in PCI DSS as best practices until a future date?
-
Where do I direct questions about complying with PCI standards?
-
Can SAQ eligibility criteria be used for determining applicability of PCI DSS requirements for assessments documented in a Report on Compliance?
Most Popular
-
What evidence is a TPSP expected to provide to customers to demonstrate PCI DSS compliance?
-
Does PCI SSC consider guidance from other standards organizations when making updates to PCI standards?
-
If an organization provides software or functionality that runs on a consumer's device (for example, smartphones, tablets, or laptops) and is used to accept payment account data, can the organization store card verification codes for those consumers?
-
Do PCI DSS requirements for keyed cryptographic hashing apply to previously hashed PANs?
-
Can a compensating control be used for requirements with a periodic or defined frequency, where an entity did not perform the activity within the required timeframe?
Most Recently Updated
-
Where can I find the current version of PCI DSS?
-
Why are there multiple PCI DSS Self-assessment Questionnaires (SAQs)?
-
What is a PCI DSS Self-Assessment Questionnaire?
-
Are Mobile Payments on COTS (MPoC) solutions, Software-based PIN Entry on COTS (SPoC)™ solutions, or Contactless Payments on COTS (CPoC™) solutions eligible for a P2PE Solution approval?
-
How can an entity meet PCI DSS requirements for PAN masking and truncation if it has migrated to 8-digit BINs?