PracticeQ Payments: PCI Vulnerability Scan

If your practice completes the SAQ A or the SAQ B-IP to attest to your PCI compliance, you will undergo a vulnerability scan. Here is how to navigate this in your PCI toolkit.

If you manually enter any payment card details:

1. Log into your PCI toolkit: https://stax.pcitoolkit.com/version3/SignIn.aspx
2. Click Next to begin the process.
3. Select Use Clone Systems as a scanning vendor.
4. Enter the public IP address of the network where the user inputs card information. To find this IP, click the blue What is my IP Address? link to the right.
5. Click Submit.
6. On the next page, click Confirm to schedule the scan.

If clients ONLY enter their payment card details online:

1. Log into your PCI toolkit: https://stax.pcitoolkit.com/version3/SignIn.aspx
2. Click Next to begin the process.
3. Select Use Clone Systems as a scanning vendor.
4. Enter the following IP:  216.21.12.26
5. Click Submit.
6. On the next page, click Confirm to schedule the scan.

Scan Details

• Scans are performed on 12 hour rotations, so you can expect your results the following day.
• You will be notified of the scan results by email and through the toolkit dashboard.