Now, payment service providers (banks, payment institutions, etc.) working with PCI Checklist can share PCI-DSS Compliance status and risk reports with their Merchants via the PCI Checklist panel.

If you are using the infrastructure of a payment institution that works with PCI Checklist, you may have received an invitation link to view your PCI-DSS Compliance status and risk reports. When you register using this link, you can view the current Compliance status of your business, determine your PCI-DSS level, fill in the relevant Self-Assessment Questionnaire (SAQ), digitally sign it and submit it to your payment institution.

1. Click Access Invitation

The invitation sent to you by your payment institution is for your own use. The invitation link looks like the following:

 
When you click on a valid link, you are greeted with a screen similar to the ones below:

If you already have a PCI Checklist account, you can log in directly; otherwise, you can register by pressing REGISTER.

2. Sign Up and Confirm Your Account

To register, enter the necessary information and define your password. You then need to confirm your e-mail address using the confirmation e-mail you receive; follow the link in that e-mail to confirm your account.

The e-mail will be sent to you at [email protected]. If you do not see the e-mail in your inbox, please check your spam folder.

3. Sign in

When you log into the system for the first time, you will see a screen similar to the one below. At this stage you choose your position in the company; this is asked only once, and you then reach the panel.

4. Manage Your PCI-DSS Compliance

After logging in to the panel, you will find a “PCI-DSS Compatibility” section in the left menu, as can be seen in the image below. From here, you can continue by clicking on the PCI-DSS Wizard and choosing between “I was directed by the bank” and “I came by myself”. In some cases, you may have received a request number from your bank; if so, you can enter it at this stage.

You can then answer the Wizard’s questions, including the annual transaction volume and the processing and storage of card data.

Based on your answers, the wizard recommends the Self-Assessment Questionnaire (SAQ) that is appropriate for your business. From this page, you can select “Proceed to Compatibility Steps”.

Under the “SAQ Management” heading, there is the “SAQ Reports” section. By clicking “Fill New SAQ” you can select and fill the type of SAQ offered to you.

After completing the SAQ suitable for your business, you can digitally sign it and deliver it to your bank. You can also upload your ASV and AoC reports. In this way, you can learn your compliance status and compliance validity period, and receive reminders based on your status.

5. Access Your Report

After logging in to the panel, you can download the risk reports shared with you: open the “Reports” section in the left menu, select the “Shared” tab, and click the download button on the right.

These reports include potential cybersecurity risks of your e-commerce site and recommendations for solutions.

6. Read the Information Text

There is an Information Text after the Table of Contents of the report. This section contains information that will help you review the report. It is worth reading, especially if you will evaluate the report with your technical teammates.

7. Share With Your Teammates

Developing and managing today’s complex e-commerce infrastructures is a team job. You can make the reports shared with you available to your teammates by clicking, in order:

- “User Icon” on the top right of the screen,
- “Settings” from the menu,
- “Sharing Management” tab on the left,
- “Invite User” in the top-right corner.

From there, you can invite users from your business and edit who has access to the panel and can view the reports.

If your teammates leave, you can always disable their access.