-2

I am not sure if this is the correct forum or not but I've been tasked with determining our PCI requirements, we being a group of developers who will create/maintain code that handles PCI data. We will not STORE the data or execute transactions, we will simply be a web service layer that accepts and passes on PCI data.

Because we will neither store or execute transactions, my understanding is we will not need compliance training, nor required to complete compliance reports.

If this isn't the correct forum I can move it.

Thanks.

Half_Duplex
  • 5,102
  • 5
  • 42
  • 58
  • 1
    This isn't the correct forum. Or a forum at all. – JJJ Oct 23 '17 at 13:45
  • 2
    This is a Q&A site about specific programming questions. You've been here long enough to know that. You will need to pay for certification: https://www.pcisecuritystandards.org/ – duffymo Oct 23 '17 at 13:45

1 Answers1

0

The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment.

Importantly, that process, store or transmit credit card information maintain a secure environment.

So yes, based on the definition on this forum I'd assume so.

Jack hardcastle
  • 2,748
  • 4
  • 22
  • 40