Why am I failing my PCI compliance questionnaire?

This article covers common reasons merchants may fail their PCI compliance questionnaire.

Here are a list of common reasons you may not be compliant and are failing your PCI compliance self-assessment questionnaire:

  • You are not done completing your PCI compliance self-assessment. You will be listed as failing until you successfully complete the self-assessment. This is expected behaviour.
  • It has been over four months since your last vulnerability scan and your profile requires a vulnerability scan every four months.
  • Your vulnerability scan has failed. For more information on why you may fail a PCI compliance vulnerability scan, refer to Why am I failing my PCI compliance vulnerability scan?.
  • You are not following Payment Card Industry Data Security Standards (PCI DSS). This is commonly caused by answering no to any of the questions, or stating you store or transmit credit card information electronically.