Business entity that is not a payment brand, directly involved in the processing, storage, or transmission of cardholder data on behalf of another entity. This also includes companies that provide services that control or could impact the security of cardholder data. Examples include managed service providers that provide managed firewalls, IDS and other services as well as hosting providers and other entities. If an entity provides a service that involves only the provision of public network access—such as a telecommunications company providing just the communication link—the entity would not be considered a service provider for that service (although they may be considered a service provider for other services).
- PCI Qualified Professionals
-
-
-
Verify or search for a PCI Qualified Professional. Select the qualification that best suits your needs.
-
-
-
- Products & Solutions Listings
-
-
-
Locate approved devices and payment solutions for use at the point of sale, and point-to-point encryption solutions to protect cardholder data.
-
-
-
- Training & Qualification
-
-
-
Learn more about PCI SSC’s Training & Qualification programs, class schedules, registration information, corporate group training and knowledge training.
-
-
-
- Events
-
-
-
Attend PCI SSC upcoming Community Meetings, programs, webcasts, and industry events where we are speaking.
-
-
-
- Get Involved
-
- Newsroom
-
- Resources
-
- About Us
-
