• Resolved nuevaenword

    (@nuevaenword)


    Hi. I have installed the plugin and I want to know, in order to comply with PCI DSS how can I manage the SAQ A. Thanks in advance.

    Regards.

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Support AW a11n

    (@slash1andy)

    Automattic Happiness Engineer

    Hey there!

    in order to comply with PCI DSS how can I manage the SAQ A

    SAQ-A is a self-assessment questionnaire you will need to fill out for your business, attesting to the fact that you personally don’t process credit card info; you pass that off to Stripe to handle.

    The plugin handles the technicalities of this, qualifying you to use SAQ-A, but you will need to fill out the form.

    Here’s the PCI council’s guide to this: https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-1_SAQ_A_rev1-1.pdf

    Hopefully that helps! Have a great one!

    Thread Starter nuevaenword

    (@nuevaenword)

    Hi again. Thanks for your reply. Could you confirm, please, that the plugin uses iFrame as the Ecommerce method? Thanks in advance.

    Regards

    Plugin Support AW a11n

    (@slash1andy)

    Automattic Happiness Engineer

    Hey again!

    Stripe provides the Stripe.js and Elements to use through the plugin on your site, obviously assuming that the plugin is not modified from the way we make it. This qualifies you for SAQ-A.

    You can read more about this from Stripe here: https://stripe.com/docs/security/guide

    Thread Starter nuevaenword

    (@nuevaenword)

    Hey Happiness Engineer!

    I have one last question regarding the assessment, where it says “Merchant Attestation Signature of Merchant Executive Officer”. I’m self-employed, so I have no employees. The Merchant Executive Officer is supposed to be me? Thanks in advance.

    Regards

    Plugin Support AW a11n

    (@slash1andy)

    Automattic Happiness Engineer

    Hey again!

    I don’t have any insight into what that might mean in regards to your business structure unfortunately.

    I’d either look around for info on the internet from someone with more knowledge of what the PCI-DSS council is meaning there, or contact them directly.

    Have a great one!

  • The topic ‘How to comply with PCI DSS’ is closed to new replies.