Get Started

Main Menu

Utility Menu

Call Today

(866) 495-0423
Main Line
(866) 739-8324
US Support
(855) 812-5191
Canada Support

SAQ Forms

Every organization that accepts credit and debit cards must remain PCI compliant — regardless of the payment processing method used. This requirement exists whether you run a for-profit business or a nonprofit charity.

Failure to meet the guidelines set forth under the Payment Card Industry Data Security Standards (PCI DSS) can result in harsh penalties if and when card-related fraudulent activity occurs.

Worse still, your business or nonprofit could lose credibility.

In an age of data breaches, cardholders increasingly demand stronger protections to ensure their personal financial information remains safe from hackers and thieves. Diminished confidence in your payment processing’s security will likely lead to lost revenue.

But how do you determine whether your organization is PCI compliant?

Self-Assessment Questionnaires & PCI Validation

In order to verify your organization's PCI compliance, you must fill out an annual Self-Assessment Questionnaire (SAQ) form. This yearly validation step is mandatory — even if you currently use BluePay's highly secure PCI-compliant payment processing solutions.

Designed around a set of yes and no questions, the SAQ allows you to self-evaluate your payment processing's security readiness. And in some cases, your acquiring bank may require that you share the results of each year's assessment.

There are four different types of SAQ forms — which one to fill out depends on how you use and store credit card information:

  • SAQ Form A: For e-commerce, telephone and other card-not-present purposes — and for outsourced data functions.
  • SAQ Form B: For dial-up terminals and imprint-only merchants who don’t store card data electronically.
  • SAQ Form C: For payment systems connected to the Internet (if data are never stored electronically).
  • SAQ Form D: All other merchants who don’t meet the above.

Note that although the SAQ is an annual requirement for most businesses, you may be required to conduct quarterly scans if you regularly process credit and debit cards online. To determine if you fall under this category, contact our merchant support team today.

How Do You Take the Self-Assessment Questionnaire?

As a BluePay client, taking the annual Self-Assessment Questionnaire is easy. You can either take the SAQ on your own or with the help of BluePay's payment processing team.

1. Taking the SAQ on Your Own

To get started, visit ControlScan’s dedicated BluePay SAQ page (you’ll need to provide your BluePay Merchant ID to successfully complete the questionnaire). Toward the top of the page, you’ll notice SmartSAQ — an online validation tool that offers:

  • A streamlined and intuitive interface
  • A set of mandated SAQ questions listed in a logical order
  • Clear illustrations and explanations of important PCI-related concepts

If you ever get stuck, you can contact ControlScan directly by email (

2. Taking the SAQ through BluePay

At BluePay, we can help you properly fill out your yearly Self-Assessment Questionnaire. We can also answer any questions you might have about PCI compliance and secure credit card payment processing.

To have us walk you through the steps, schedule a free consultation with our merchant support team today.

One Final SAQ Consideration

Taking the annual (or quarterly) self-assessment moves you one step closer to PCI compliance. But successful completion of the questionnaire does not automatically mean that you are PCI compliant.

If you discover vulnerabilities in your payment processing, you must take proactive steps to fix any problems. Again, failure to do so could result in hefty fines and/or lost business revenue.

We can help you troubleshoot any PCI-related issues you may have. Schedule a free appointment with our merchant support team today by clicking on the Get Started Today! button below.


Topics: PCI Compliance and Fraud Prevention

Welcome to the BluePay Blog!

Whether you're a small business, an enterprise corporation, a financial institution, or a software partner, we have created a series of blog posts to help you and your customers, learn more about the complex nature of payments. Take a look to learn how payments can help to simplify your business operation, and may even help to grow your revenue.

Recent Posts