The Payment Card Industry Security Standard Council (PCI SSC) has updated requirements for merchants to validate PCI compliance which takes effect on April 1, 2024. E-commerce merchants who are classified as SAQ A may be required to run External Vulnerability Scans (also referred to as ASV scans) at least once every 90 days.
How will this impact GotSport merchants? Our merchants are classified as SAQ A with your e-commerce (payment processing) fully outsourced to GotSport as your service provider. You will NOT need to perform a vulnerability scan but review the GotSport Attestation of Compliance (AoC).
Our AoC of Scan Compliance is viewable at the link below. We will continue to scan and update this document every 90 days so that our merchants can quickly review it so you can confidently complete your own PCI compliance validation.
Please see the attached ASV Scan Attestation