PCI DSS Compliance Blog: PCI DSS for Small Business



PCI DSS for Small Business

Surf forums on PCI compliance and you’ll quickly come across a plea for help from a small business owner on sorting out how to comply with PCI DSS.  Especially for mom and pop shops, PCI DSS compliance can be a daunting process.

One way to ease the process of PCI DSS compliance for your small business is to select a payment processing solution that moves the storage of credit and debit card data off your computer system and into a secure data storage facility.  Using end-to-end encryption and tokenization technology, all that's left on the system is a unique identifier (token) that points to the actual credit card data without containing any sensitive information itself. This allows small business owners to securely process recurring bills and transfers all risk of cardholder data storage away from the business. If the system were ever breached, the data stored on location would be completely unusable to data thieves.

The advantage of removing cardholder data from your location, in addition to this decrease in the risk of a data breach, is the ability to complete a much less time- and resource-intensive PCI SAQ.  The PCI SAQ is an annual self-assessment questionnaire that all level 2, 3 and 4 merchants who accept credit or debit card payments must complete.  Merchants who process cardholder data but do not store it on their computer system can fill out SAQ C, a 16-page questionnaire comprised of 41 questions, compared to SAQ D, a 31-page questionnaire comprised of 223 questions.

Read more about how to become PCI compliant and PCI SAQ Made Easy




Hi All,

I am the Marketing Associate for a small IT consulting group in Manhattan and one major campaign is the PCI Compliance. Where may I find information regarding the SAQ C 41 Question form?


