PCI Compliance Guidelines

Online Checkout (Redirected): SAQ Type A

For merchants using a third-party shopping cart that redirects customers to pay on another site. 

Requirements: 

  •   Every employee has a unique login to the gateway
  •   Passwords must be strong and updated regularly
  •   Never email or text full card numbers
  •   Never save full card information
  •   Shred or burn paper with card data
  •   Have a written security policy

How Basys Helps:

We partner with you to keep your setup secure and compliant. This includes: 

  •   Domain/IP scans to catch vulnerabilities
  •   Hands-on PCI guidance, education and reminders

Online Checkout (On Your Website): SAQ Type A-EP

For merchants accepting payments directly on their website (no redirect). 

Requirements: 

  •   All SAQ A requirements (see above), plus: 
  •   Firewall and antivirus software must be installed and regularly updated 

How Basys Helps:

You’ll get all the same support as SAQ A, plus Shopping Cart Monitor (SCM) scans that detect risks in checkout scripts and help protect your hosted checkout.

Terminal Using Phone Line or Cellular: SAQ Type B

For merchants using standalone payment terminals that connect via phone line or wireless. 

Requirements: 

  •   Don’t send or store full card numbers 
  •   Show only the last 4 digits on receipts 
  •   Keep the terminal behind a counter or on a secure desk 
  •   Shred or burn card data 
  •   Have a written security policy 

How Basys Helps:

We walk you through your PCI questionnaire and provide clear, ongoing support—so you’re never left guessing. 

Terminal Using Internet: SAQ Type B-IP

For merchants using internet-connected payment terminals. 

Requirements: 

  •   All SAQ B requirements (see above), plus: 
  •   Firewall and antivirus must be installed and updated regularly 

How Basys Helps:

We’ll scan your network to identify and fix any security gaps—plus offer all the support you need to stay compliant. 

Virtual Terminal (No Card Reader): SAQ Type C-VT

For merchants entering card info manually via a secure web-based portal. 

Requirements: 

  •   Unique logins and strong passwords 
  •   No card info via email or text 
  •   Don’t store full card data 
  •   No downloading games, music, or videos on the same computer 
  •   Shred or burn receipts with card info 
  •   Firewall/antivirus must be installed and kept current 
  •   Written security policy is required  

How Basys Helps:

We make PCI compliance easier with step-by-step help and education tailored to your setup. 

Virtual Terminal with Card Reader: SAQ Type C

For merchants using a computer and a physical card swiper/terminal. 

Requirements: 

  •   All SAQ C-VT requirements 

How Basys Helps:

Our team helps you meet both software and hardware-related compliance requirements with ease. 

Fully Encrypted Terminals (P2PE): SAQ Type P2PE

For merchants using only PCI-validated, fully encrypted payment terminals. 

Requirements: 

  •   Don’t send or store full card data 
  •   Shred or burn any physical card data 
  •   Have a written security policy  

How Basys Helps:

We’ll help you complete your self-assessment and stay up to date with evolving PCI standards—without the hassle. 
