The PCI Standards Council released SAQ A (Self-Assessment Questionnaire, v3.2, updated January 2017 v3.2.1.1)
for organizations like Applied Computer Technology, Inc. where the credit card is not present and all cardholder
data functions are fully outsourced. EXPOCAD® uses a PCI DSS certified 3rd party tool to manage credit card transactions.
To qualify for SAQ A attestation the software must:
- Confirm with the payment application vendor system does not store sensitive
authentication data after authorization. - Read and maintain the PCI DSS compliance, as applicable to the environment, at all times.
- If the environment changes, a reassessment of the environment must be completed and
implement any additional PCI DSS requirements that apply. - All elements of the payment page is delivered to the exhibitor’s browser originate only and
directly from a PCI DSS validated third-party service provider.
The above criteria have been met, and more specifically, the standards in the SAQ questionnaire.
We will continue to hold our corporation and software to this standard and beyond.
We understand and appreciate the importance of compliance and we will continue to
maintain the level which is required.