Skip to main content

ASV Scans According to PCI DSS – Responsibility for Operators of Online Shops

6. August 2024 Across the Board
Grafik: PCI DSS

The PCI DSS 4.0 (Payment Card Industry Data Security Standard) serves to protect sensitive credit card information from unauthorised access. The standard applies to all organisations that store, process, or transmit credit card data. It is managed by the PCI SSC (Payment Card Industry Security Standards Council), a consortium of MasterCard, Visa, JCB, Discover, and American Express.

Compliance with PCI DSS minimises the risk of data breaches, builds customer trust, and avoids potential financial penalties from credit card companies. Payment providers must regularly prepare compliance reports, obtain certification, and, if necessary, undergo audits. PCI DSS requirements include the Approved Scanning Vendor (ASV) Scan and self-disclosure questionnaires. Payment providers forward these to credit card acceptance centres, which commission them to handle the technical processing of online payments and the connection to payment systems. This also includes operators of online shops and, by extension, ADITUS customers.

What is an ASV Scan?

An ASV scan is an important component of the PCI DSS compliance process. It is conducted by an Approved Scanning Vendor (ASV), which is certified by the PCI SSC to perform vulnerability scans on the networks and systems of credit card acceptance points. ASV scans must be repeated regularly to ensure ongoing compliance. Along with the request to submit the ASV scan certificate, there is also a request to complete a questionnaire with technical procedural questions.

Our Service for ASV Scans and Certification

Our customers, who handle credit card data, must provide regular proof that ASV scans have been conducted. Payment providers, such as PayOne (formerly Six Saferpay), request this proof.

To simplify this process for our customers, ADITUS has established an agreement with the ASV provider that significantly reduces their workload. We can have conducted ASV scans of ADITUS products that handle credit card data centrally for our customers and subsequently provide them with the necessary certificates.

How Does the ADITUS Service Work?

When our customers need to submit a certificate, we support them with our service in several steps:

  1. Contact: Our customers get in touch with their contact person at ADITUS.
  2. Questionnaire: We help complete the required self-assessment questionnaire necessary for ASV scans.
  3. Certificates: We provide the ASV scan certificate, making it easy for our customers to submit it.

This comprehensive service allows our customers to focus on their core business while we manage PCI DSS compliance on their behalf.

zurück zum Blogback to the blog

Top aktuelle NewsTop recent news

Das könnte Dich auch interessierenThis might also interest you