Skip to main content

Identify the right PCI requirements for your business




The Payment Card Industry Data Security Standard (PCI DSS) is a security standard developed by the major card brands (Visa®, MasterCard®, Discover®, American Express® and others) to help merchants protect credit cardholder data. Merchants who process credit cards are required to be PCI compliant in order to protect cardholder data. The requirements associated with maintaining PCI compliance vary depending on the size and processing method of the business.  There are four levels, or “tiers,” and each level has its own requirements. Read on to identify which level applies to your business and the steps you can take to achieve compliance for your tier.

What are the “tiers” associated with PCI compliance?

1. Level 1 Merchants:
Level 1 or Tier 1 merchants process over 6 million Visa* transactions annually through all channels (card present, card not present, ecommerce.)  Also, any worldwide merchant that processes a total of 6 million transactions across all regions may cause the entire business to qualify. Merchants who are considered Tier 1 must do the following:

Complete an annual PCI DSS validation through a Qualified Security Assessor (QSA)
Complete a quarterly network scan by an ASV (Approved Scanning Vendor)
Complete the Attestation of Compliance Form​
2. Level 2 Merchants:
Tier 2 merchants process 1 – 6 million Visa transactions annually through all channels (card present, card not present, ecommerce.) Merchants who are considered Tier 2 must do the following:

Complete an Annual Self-Assessment Questionnaire (SAQ)
Complete a quarterly network scan by an ASV (Approved Scanning Vendor)
Complete the Attestation of Compliance Form
3. Level 3 Merchants:
Tier 3 merchants process 20,000 to 1 million Visa transactions annual exclusively via e-commerce processing methods. Merchants who are considered Tier 3 must do the following:

Complete an Annual Self-Assessment Questionnaire (SAQ)
Complete a quarterly network scan by an ASV (Approved Scanning Vendor)
Complete the Attestation of Compliance Form
4. Level 4 Merchants:
Tier 4 merchants process up to 1 million Visa transactions annually through all channels (card present, card not present, ecommerce) and do not process more than 20,000 Visa transactions annually exclusively via ecommerce. Alternatively a merchant processing less than 20,000 Visa transactions annually exclusively via ecommerce will qualify for Tier 4. Merchants who are considered Tier 4 must do the following:

Complete an Annual Self-Assessment Questionnaire (SAQ)
Complete a quarterly network scan by an ASV (Approved Scanning Vendor)
Complete the Attestation of Compliance Form
How do merchants take action?
Merchants can determine where they fall in the PCI compliance tiers through their merchant services provider or the reporting tools provided by said provider. Merchants in tiers 1-3 have more complex compliance requirements because of the size and nature of their business. They are also considerably more likely to have internal IT and compliance teams to implement and monitor their compliance programs. Most merchants who identify as small businesses fall under the tier 4 category. While the compliance requirements may be somewhat simpler, small merchants may find it more challenging to meet them because they do not have internal IT infrastructure. They may feel overwhelmed and unsure where to begin.

Luckily, for Tier 4 merchants, there are many products available at reasonable costs related to their business size. While Tier 1-3 merchants may have to spend quite a lot of money on security and then pay for onsite assessments performed by a Qualified Security Assessor, Tier 4 merchants who actively use a PCI compliance service can get a similar benefit for the size of their business for pennies on the dollar.

Vantiv Integrated Payments offers Merchant SecureAssist®, which is a compliance assistance solution that offers the tools to help merchants achieve and maintain compliance. This solution includes an online “wizard” that guides merchants through the compliance process one step at a time, as well as real-time, point of sale system scans.

#awepay #paymentfraud #artificialintelligence #ai #machinelearning #fraud #frauds #onlinefrauds #fraudprevention #stoppingfraudusingai #stoppingfraud #catchingfraud #ecommerce #ecommercefrauds #ecommerceproducts #product #saas #security #cybersecurity #cybercrime #service #malaysia #startup #tech #techproduct #scifi #payment #team #newarrivals #latesttechnology



Comments

Post a Comment

Popular posts from this blog

Apple Pay is coming to eBay.

As the online marketplace moves away from its official relationship with PayPal, it is moving into new relationships with new providers. As of this fall, Apple Pay will be one of the first new options on its new payment platform, making it possible for customers to either use Apple Pay in eBay’s mobile app, or for web purchases (provided they are using Safari as Apple Pay doesn’t work with Chrome or other browsers). The Apple Pay option will roll out slowly at first — only a small group of select Marketplace customers will get to use Apple Pay in the first phase of its introduction to eBay. The goal, however, is to make the transition to their own in-house payment platform by the end of 2021. The transition marks a definitive split from PayPal. eBay formally parted ways with PayPal in 2015, when it spun out as a stand-alone firm. eBay — as their contractually mandated partnership with PayPal is drawing to a close — is now working with Amsterdam-based company Adyen to...
Post a Comment
Read more

10 ways to protect your customers' credit card data

Accepting credit cards doesn't have to be a constant exercise in paranoia about whether your customers' credit card data is safe or not. Here are 10 solutions for protecting the credit card data of your customers. 1. You can’t go it alone Like anything in life—when there's a lot on your plate, you can't manage it all without help. Card data security, fraud protection and securing your customers’ information in your store is more than a one-person job. It's everyone's job. Get everyone in your business, including your customers, thinking about card data security and fraud at the point of sale. 2. EMV installation You're probably tired of hearing about EMV and chip cards at this point, but if you don't have one, you're putting yourself and your own profits in jeopardy. Chip cards, and the EMV-enabled credit card terminals that can read them, are designed to stop fraud at the point-of-sale. A "forged" card is difficult to pa...
Post a Comment
Read more

A Robust Payment Platform

Owing to the radical evolution of Fintech companies, heightened customer expectations for value-added services, and ever-changing regulatory landscape, the prominence of payment technologies has undeniably risen to new heights. These dynamics are reinvigorating the traditional financial landscape and enabling merchants to tap into the potential benefits of nascent technologies. At the same time, moving away from conventional methods of payments is bringing unprecedented opportunities to carry out international trade for both sellers and buyers. Although the disruption in the payments landscape seems stimulating for global trades, not all ventures gain from them as stringent compliance standards often undermine the use of technologies for cross-border transactions. Enunciating the same, Casey Seow, managing director of AWEpay, mentions that the new breed of technologies is revamping the entire payments space, enabling companies to cater to the untargeted market segments. He f...
Post a Comment
Read more