PCI DSS Guidance
Any merchant accepting payments must comply with the PCI Data Security Standards (PCI DSS).
Microform Integration’s approach facilitates PCI DSS compliance through self-assessment and the storage of sensitive PCI information.
Self Assessment Questionnaire
Microform Integrationhandles the card number input and transmission from within iframe elements served from
Cybersourcecontrolled domains. This approach can qualify merchants for SAQ A-based assessments. Related fields, such as card holder name or expiration date, are not considered sensitive when not accompanied by the PAN.
Storing Returned Data
Microform Integrationare stripped of sensitive PCI information such as card number. Fields included in the response, such as card type and masked card number, are not subject to PCI compliance and can be safely stored within your systems. If you collect the CVN, note that it can be used for the initial authorization but not stored for subsequent authorizations.