0

Does the PCI DSS standard apply to providers that solely work with check by phone ?

i.e collecting

1) Account numbers 2) Routing numbers 3) Check number

in other words - no credit cards

Thanks

Mat
  • 202,337
  • 40
  • 393
  • 406
aks
  • 255
  • 3
  • 15
  • Did you bother looking at the official docs? https://www.pcisecuritystandards.org/security_standards/ – Marc B Mar 12 '12 at 15:49
  • Yes, even went through the self assessment questionnaire. Cant find a reference to paper check . Fundamental question is does PCI DSS have any bearing on how paper checks are stored, processed (via check by phone) or is it the purview of Check 21 Act – aks Mar 12 '12 at 20:03

1 Answers1

1

The title of the standard is the best clue: Payment Card Industry - Data Security Standard. It applies to the storage of payment card details.

Check page 7 of the PCI DSS standard here: https://www.pcisecuritystandards.org/documents/pci_dss_v2.pdf

Checks do not normally have a payment card primary account number printed on them so PCI-DSS would not normally apply.

dfbpdave
  • 348
  • 1
  • 4