PCI compliance with Chase Paymentech

Does anyone have any experience with this. We signed up as a FLS with Paymentech and chase is making us do a level 1 compliance. We are using the orbital hosted payment form and the integration document says there is no PCI liability on us if we use this model but our QSA is asking for guidance from chase to say we can do SAQ A but chase said as much on the phone but can’t put it in writing. Without it, our QSA says we have to go through SAQ D which is everything. That seems excessive especially since we never even see the clear card data. It goes from the customer straight to chase via iframe. Anyone gone through this that can provide any insights or guidance would be much appreciated.

submitted by /u/theTexans
[link] [comments]

Leave a Reply

Your email address will not be published. Required fields are marked *