Skip to main content

Resource Center

With our Merchant Resource Center, you'll find the guides and forms you need to manage your debit and credit card processing.


eCommerce Risk Mgmt Guidelines | Card Present Best Practices | Card Not Present Best Practices | Preventing Employee Fraud | FTC Compliance Guidelines | Card Acceptance Best Practices | Payment Card Industry Data Security Standard | Visa Payment Application Best Practices | Card Acceptance Guidelines for Visa Merchants | Chargeback Management Guidelines for Visa Merchants | Unembossed Visa Card Acceptance Guidelines | Chargeback Prevention Overview | AVS Response Codes Reference Guide


Bank Account Number Change | Address/Phone/Fax Change | Additional Location | Business Name Change | Add/Change Card | Credit Card Authorization Form | Data Breach Insurance Opt Out Form

Payment Card Industry Data Security Standard

When customers offer their bank card at the point of sale, over the Internet, on the phone, or through the mail, they want assurance that their account information is safe. The Cardholder Information Security Program (CISP) is intended to protect cardholder data – wherever it resides – ensuring that members, merchants, and service providers maintain the highest information security standard. In 2004, the CISP requirements were incorporated into an industry standard known as the Payment Card Industry (PCI) Data Security Standard (DSS). Following is a summary of the PCI DSS which must be followed by all merchants:

Payment Card Industry Data Security Standard Summary (530kb PDF)

Visa® and MasterCard are committed to ensuring the safety and security of their payment systems and cardholder's confidence in shopping with payment cards. The appropriate Payment Card Industry Self Assessment Questionnaire must be completed annually by any merchant that captures, transmits or stores credit and debit card data. Completed questionnaires can be faxed to Merchant Risk Management at 207-753-3398. Please contact Customer Service at 800-348-4025 with any questions on completing this form.

Learn more about our PCI provider, or enroll in SecurityMetrics services.


  • Self Assessment Questionnaire (SAQ) Instructions (255kb PDF) Instructions and guidelines for selecting and completing the appropriate PCI Data Security Standard (DSS) SAQ
  • SAQ A (83kb PDF) For merchants who do not store, process or transmit electronic cardholder data
  • SAQ B (112kb PDF) For merchants who use imprint machines or stand-alone dial-out terminals and who do not store electronic cardholder data
  • SAQ C (183kb PDF) For merchants who use the online payment application, but do not store electronic cardholder data
  • SAQ C, Virtual Terminal (133kb PDF) For merchants that use a virtual terminal and do not store electronic cardholder data
  • SAQ D (253kb PDF) For all other merchants and service providers required to complete the SAQ
  • Merchant Attestation of Compliance Form (52kb PDF) For all other merchants and service providers required to complete the SAQ
  • PCI DSS Glossary (99kb PDF) This document provides definitions of the terms used in the Self Assessment Questionnaire and PCI Data Security Standard documents

Contact Merchant Services

Contact a Merchant Services expert to arrange a free consultation or call 800-348-4025.

©2015 Visa U.S.A. Inc.

+ By clicking on this link you are leaving our website and entering a third-party website over which we have no control. Neither TD Bank US Holding Company, nor its subsidiaries or affiliates, is responsible for the content of third party sites hyper-linked from this page, nor do they guarantee or endorse the information, recommendations, products or services offered on third party sites.

Third party sites may have different Privacy and Security policies than TD Bank US Holding Company. You should review the Privacy and Security policies of any third party website before you provide personal or confidential information.