Service Providers

By | March 1, 2016

The definition for a service provider is a business entity directly involved in the processing, storage, or transmission of transaction data or cardholder data on behalf of another merchant or service provider. Service providers also include companies that provide services which control or could impact the security of cardholder data. Examples may include providers of managed firewalls, IDS and other security services, as well as hosting providers and other entities. So to confirm, when an entity is processing, storing, or transmitting cardholder data on behalf of another entity, or they have access to another entity’s cardholder data, they are a service provider. Additionally, an organization that could affect the security of the cardholder data environment of another entity is also considered a service provider, however, you should be careful not to over-interpret this concept. For example, a merchant who uses a particular hardware product for storing cardholder data would not need to include the manufacturer of that product in their assessment.

Leave a Reply

Your email address will not be published. Required fields are marked *