Identifying credit card data storage is one of the key and initial steps needed for compliance with the Payment Card Industry (PCI) Data Security Standard (DSS). The PCI DSS prohibits storage of unencrypted Card Holder Data (CHD).
Approved Scanning Vendors (ASVs) are organizations that validate adherence to certain DSS requirements by performing vulnerability scans of Internet facing environments of merchants and service providers.