An organization that validates adherence to certain Payment Card Industry (PCI) Data Security Standard (DSS) requirements by performing vulnerability scans of Internet-facing environments of merchants and merchant service providers. Approved scanning vendors (ASVs) must qualify for approval by the PCI Security Standards Council annually.