Toast PCI - Purpose

To Next Page

To Previous Page

Purpose

Toast, Inc. (Toast) is a PCI DSS approved level 1 service provider offering the Toast POS solution.                

As a service provider, Toast manages the payment processing environment and has taken steps to              

address certain PCI DSS requirements through our own validation efforts and by providing            

guidance to our customers.

Partnering with a PCI DSS compliant POS provider does not make you compliant with PCI              

regulations. Toast was built, configured, and installed in such a manner as to assist you in meeting                

applicable requirements, but you as the merchant remain solely responsible for ensuring your            

business is compliant with all current legal and regulatory requirements to include those imposed             

by PCI SSC and the Card Brands. We recommend that you use a PCI qualified Assessor to be sure                  

your environment is compliant. Please see https://www.pcisecuritystandards.org/ for more        

information.

Toast POS is a PA-DSS validated application when utilized with a Toast-issued Elo device .             

Confirmation of Toast’s PCI DSS and PA-DSS status can be verified at the following sites:

● https://www.visa.com/splisting/searchGrsp.do

● https://www.mastercard.us/en-us/merchants/safety-security/security-recommendations/

service-providers-need-to-know.html

● https://www.pcisecuritystandards.org/assessors_and_solutions/payment_applications

The purpose of the guide is to:

1. Help you identify your appropriate PCI DSS reporting requirements and responsibilities as          

it applies to the Toast POS solution;

2. Provide guidance on how the Toast POS solution impacts a requirement and, whether said            

requirement is addressed directly or in part by the Toast; and

3. Provide a Deployment checklist for you or your Qualified Security Assessor’s references          

on how the Toast POS solution is deployed by Toast integrators or should be deployed if              

you the merchant have selected to self-deploy the solution.

The scope of this guide is limited to the Toast POS solution, its supported hardware and is                

intended for merchants who have elected to utiliz+e Toast’s implementation services.

Hardware restrictions apply. Please check the PCI SSC website for a current list of validated hardware.

PCI Instruction Guide

Page 3 of 44

Related product manuals