Book ASV Scan

Do I Need a PCI ASV Scan? | PCI DSS 4.0 Compliance Tool

Ensure Your Business Meets Mandatory External Vulnerability Scanning Requirements

Navigating PCI DSS compliance can be complex, especially with the transition to PCI DSS v4.0.1. One of the most critical requirements for merchants and service providers is the Quarterly ASV Scan. Failing to perform these scans through an Approved Scanning Vendor (ASV) can lead to non-compliance fees, increased risk of data breaches, and the loss of your ability to process credit card payments.

Use our interactive tool below to determine if your environment is in scope for ASV scanning.

Does your entity store, process, or transmit Cardholder Data (CHD)?
Are you a Service Provider that could impact the security of another entity's CHD?
Is your payment environment connected to the Internet?
Which SAQ best describes your environment?

ASV Scan Required

Based on PCI DSS v4.x, you must perform quarterly scans with an Approved Scanning Vendor.

ASV Scan Likely Not Required

Your environment may be exempt. Please verify with your acquirer or QSA.