Skip to main content

πŸ’Ό 12.9.1 TPSPs provide written agreements to customers that include acknowledgments that TPSPs are responsible for the security of account data the TPSP possesses or otherwise stores, processes, or transmits on behalf of the customer, or to the extent that the TPSP could impact the security of the customer's cardholder data and/or sensitive authentication data.

  • Contextual name: πŸ’Ό 12.9.1 TPSPs provide written agreements to customers that include acknowledgments that TPSPs are responsible for the security of account data the TPSP possesses or otherwise stores, processes, or transmits on behalf of the customer, or to the extent that the TPSP could impact the security of the customer's cardholder data and/or sensitive authentication data.

  • ID: /frameworks/pci-dss-v4.0.1/12/09/01

  • Located in: πŸ’Ό 12.9 Third-party service providers (TPSPs) support their customers' PCI DSS compliance.

Description​

Additional requirement for service providers only.

Similar​

  • Sections
    • /frameworks/pci-dss-v4.0/12/09/01

Similar Sections (Take Policies From)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό PCI DSS v4.0 β†’ πŸ’Ό 12.9.1 TPSPs acknowledge in writing to customers that they are responsible for the security of account data the TPSP possesses or otherwise stores, processes, or transmits on behalf of the customer, or to the extent that they could impact the security of the customer's CDE.

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό PCI DSS v4.0 β†’ πŸ’Ό 12.9.1 TPSPs acknowledge in writing to customers that they are responsible for the security of account data the TPSP possesses or otherwise stores, processes, or transmits on behalf of the customer, or to the extent that they could impact the security of the customer's CDE.

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags