We use cookies to give you the best browsing experience and to help us understand how you use our site. Cookies are small snippets of data stored on your computer and some have already been set. By continuing to use our website you are accepting our use of cookies. To find out more, read about cookies

Please note

We cannot answer specific queries about your account here. For Account queries please

Your selected question

Barclaycard say they want to help me, but when I ask technical questions about PCI DSS all they do is refer me to a QSA?

We at Barclaycard are not allowed by the Card Schemes and the PCI Security Standards Council to give technical advice on how to fulfill the requirements of the standard. For example, we cannot give advice on how to protect data and what storage options to use, only accredited organisations can provide this.

However, the standard applies equally to manual processing and storage of cardholder information as well as to electronic methods of storage. Even if the merchant hasn't got a presence on the internet and does not process or store cardholder data electronically, they may be storing cardholder information (e.g. card receipt from terminals, emails received which have cardholder details in them) in a way the standard does not allow.

We have an established programme ‘Barclaycard Data Security Manager’ a programme which helps make it easier for smaller merchants to meet their PCI DSS requirements without having to use a third party assessor. The online service provides the tools needed to achieve, record and maintain compliance with the PCI DSS.

How useful did you find the answer given?

Not at all Very useful