{"id":10430,"date":"2025-02-28T14:15:10","date_gmt":"2025-02-28T19:15:10","guid":{"rendered":"https:\/\/iqcol.com\/?p=10430"},"modified":"2025-03-18T09:29:21","modified_gmt":"2025-03-18T14:29:21","slug":"saq-nuevos-criterios-de-elegibilidad-e-commerce-2025","status":"publish","type":"post","link":"https:\/\/iqcol.com\/en\/saq-nuevos-criterios-de-elegibilidad-e-commerce-2025\/","title":{"rendered":"Frequently asked questions clarify the new eligibility criteria for SAQ"},"content":{"rendered":"<p data-pm-slice=\"1 1 []\">The <strong>PCI Security Standards Council (PCI SSC)<\/strong> has announced the launch of a section of <strong>frequently asked questions (FAQ)<\/strong> intended to provide greater clarity on the new eligibility criteria for the <strong>Self-assessment questionnaire (SAQ) TO<\/strong> recently updated. This initiative responds to requests from the industry and reaffirms the commitment of PCI SSC to provide clear guidance and practice to e-commerce merchants.<\/p>\n<p>With the arrival of the version <strong>PCI DSS v4.0.1<\/strong>, which will take place on the <strong>April 1, 2025<\/strong>, it is crucial that traders understand the new requirements and be prepared to comply with them.<\/p>\n<h2>New eligibility criteria for the SAQ A PCI DSS v4.0.1<\/h2>\n<p>To comply with the eligibility criteria of the <strong>SAQ TO r1 of PCI DSS v4.0.1<\/strong>merchants should confirm that your web site is not vulnerable to attacks of scripts that might compromise the security of e-commerce systems.<\/p>\n<p>Faq <strong>1588<\/strong> provides guidance on how merchants can verify this security through two main options:<\/p>\n<ol start=\"1\" data-spread=\"true\">\n<li><strong>Implementation of security measures on your website:<\/strong>\n<ul data-spread=\"false\">\n<li>Using techniques recommended in the <strong>Requirements 6.4.3 and 11.6.1 of the PCI DSS<\/strong> to protect the site from attacks of scripts aimed at the data from the account.<\/li>\n<li>These techniques can be implemented directly by the merchant, or through an external provider specialized.<\/li>\n<\/ul>\n<\/li>\n<li><strong>Confirmation on the part of third-party service providers (TPSP)\/payment processors:<\/strong>\n<ul data-spread=\"false\">\n<li>To obtain warranty that the payment providers that are compatible with the PCI DSS have implemented solutions that protect the payment page of the merchant of attacks of scripts.<\/li>\n<li>Protection is applied when the merchants implement the solutions of TPSP in accordance with the instructions of the supplier.<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n<h3>Who applies the SAQ TO<\/h3>\n<p>The SAQ TO <strong>only applies to<\/strong> to e-commerce merchants using a <strong>form or page of integrated payment<\/strong> provided by a TPSP\/payment processor, using items such as <strong>iframes<\/strong>.<\/p>\n<p>The SAQ TO <strong>not applicable<\/strong> to:<\/p>\n<ul data-spread=\"false\">\n<li>Merchants that redirect your customers to the checkout page from a TPSP (for example, through <strong>redirects HTTP 30x, meta tags or JavaScript<\/strong>).<\/li>\n<li>Merchants who outsource completely the function of payment sending to the customer a link to the platform of the TPSP.<\/li>\n<\/ul>\n<h3>Recommendations for merchants<\/h3>\n<p>Merchants should work in close collaboration with its <strong>payment service providers<\/strong> to ensure a safe implementation of payment solutions. In addition, it is advisable to consult with your <strong>acquirer or the payment brands relevant<\/strong> to confirm if the SAQ A is the self-assessment questionnaire is appropriate for your specific environment.<\/p>\n<h3>Additional resources<\/h3>\n<p>The new section of frequently asked questions <strong>PCI SSC<\/strong> it is already available on its web site. These resources provide detailed information on the security of the data and the validation criteria, helping retailers to better understand their responsibilities and to reduce the uncertainty in the performance of <strong>PCI DSS v4.0.1<\/strong>.<\/p>\n<p>With this new resource, the e-commerce merchants can move forward in your process of validation with greater confidence, to strengthen the security of payments and ensuring compliance with the latest standards in the industry.<\/p>\n<h6>Source: <a href=\"https:\/\/blog.pcisecuritystandards.org\/faq-clarifies-new-saq-a-eligibility-criteria-for-e-commerce-merchants?utm_campaign=Blog&amp;utm_medium=email&amp;_hsenc=p2ANqtz--6IDgz084hFBm5kJR3_-LDy2G8jNK7k9dCA9MP7UaXdh_3v-9IQdnDFGGnvV7zebIVIBcRT25CQOo3aqG_W6B58itTp926wOfuvvKX8EKLi12QVGE&amp;_hsmi=349518532&amp;utm_content=349518532&amp;utm_source=hs_email\" target=\"_blank\" rel=\"noopener\">PCI<\/a><\/h6>\n<p>You may also like: <a href=\"https:\/\/iqcol.com\/en\/criptomonedas-avanza-regulacion-en-colombia-2025\/\">Colombia Advances in the Regulation of Criptomonedas<\/a><\/p>","protected":false},"excerpt":{"rendered":"<p>El PCI Security Standards Council (PCI SSC) ha anunciado el lanzamiento de una secci\u00f3n de preguntas frecuentes (FAQ) destinada a proporcionar mayor claridad sobre los nuevos criterios de elegibilidad para el Cuestionario de Autoevaluaci\u00f3n (SAQ) A recientemente actualizado. Esta iniciativa responde a las solicitudes de la industria y reafirma el compromiso de PCI SSC de [&hellip;]<\/p>","protected":false},"author":1,"featured_media":10431,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-10430","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-noticias"],"blocksy_meta":[],"_links":{"self":[{"href":"https:\/\/iqcol.com\/en\/wp-json\/wp\/v2\/posts\/10430","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/iqcol.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/iqcol.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/iqcol.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/iqcol.com\/en\/wp-json\/wp\/v2\/comments?post=10430"}],"version-history":[{"count":0,"href":"https:\/\/iqcol.com\/en\/wp-json\/wp\/v2\/posts\/10430\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/iqcol.com\/en\/wp-json\/wp\/v2\/media\/10431"}],"wp:attachment":[{"href":"https:\/\/iqcol.com\/en\/wp-json\/wp\/v2\/media?parent=10430"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/iqcol.com\/en\/wp-json\/wp\/v2\/categories?post=10430"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/iqcol.com\/en\/wp-json\/wp\/v2\/tags?post=10430"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}