Skip to main content

Understand PCI compliance levels


If you process credit cards, you can’t avoid dealing with PCI (Payment Card Industry) compliance—and the best thing you can do is educate yourself so your business and systems adhere with these important guidelines at all times. All merchants fall into one of four merchant PCI compliance levels, which are determined based on your Visa transaction volume and type over the period of a year. Visa transactions include all credit, debit and prepaid cards with the Visa logo.

Let’s take a look at how merchants are classified into the four levels.

PCI Compliance Level 1 Merchant
Any merchant that processes over 6 million Visa transactions per year (regardless of the processing channel: in-store, online, etc.)
Any merchant that Visa determines should be a Level 1 merchant to minimize risks to the Visa system
Due to their high annual processing volumes, Level 1 Merchants must take the greatest efforts to secure their processing systems. These merchants must complete annual on-site reviews by an internal auditor and successfully pass a required network scan by an approved scanning vendor.

PCI Compliance Level 2 Merchant
Any merchant that processes 1 million to 6 million Visa transactions per year (regardless of the processing channel: in-store, online, etc.)
PCI Compliance Level 3 Merchant
Any merchant that processes 20,000 to 1 million Visa eCommerce transactions per year
PCI Compliance Level 4 Merchant
Any merchant that processes fewer than 20,000 Visa eCommerce transactions per year
Any merchant that processes up to 1 million Visa transactions per year (regardless of the processing channel: in-store, online, etc)
Note that any merchant that has suffered a data breach of sensitive card data may be escalated to a higher validation level.

Maintaining Level 4 Classification
To satisfy the requirements of being classified as a Level 4 Merchant, a small to medium-sized business must:

Complete the appropriate Self Assessment Questionnaire (SAQ) from the PCI Security Standards Council (SSC)
Complete and obtain evidence of a passing vulnerability scan with a PCI SSC-approved scanning vendor (not applicable to all merchant types)
Complete the appropriate Attestation of Compliance in its entirety (located within the SAQ)
Submit the SAQ, evidence of passing the vulnerability scan (if required for your business type), the Attestation of Compliance and other requested documentation to your acquirer
Level 2, 3 and 4 Merchants must keep their annual SAQ current and conduct quarterly vulnerability scans with an approved scanning vendor.

For more information on achieving and maintaining PCI compliance, check out the PCI Security Standards Council website. Remember that PCI compliance is not a one-time solution, but rather a practice in which your business must be continually engaged in order to ensure compliance. Contact your payments processor for help in meeting the criteria.


#awepay #payments #paymentservices #paymentsolution #paymentsolutions #paymentsmadeeasy #PaymentsWithOutBorders #paymentsystem #paymentsolutionproviders #paymentsystems #ecommerce #ecommerceinsights #event #conference #congres #blockchain #pwa #cryptocurrency #KeshPOS #mPOS #poweredbyinnovectives #thursdaythoughts #bitcoins #Earn #Payments #bitcoin #binarytrade #forex #investment #wealth


Comments

Popular posts from this blog

12 Startups Utilizing Blockchain Technology in New Ways

Author: Awepay Cryptocurrency created quite the buzz this past year. Although the technology has been around for a few years, 2017 was the year it really took off. Bitcoin, the first application of cryptocurrency technology, hit $20,000 a coin, while coins like Ethereum also saw their prices increase. However, the technology behind these tokens, blockchain, has far more applications than just cryptocurrencies. Through a network of smart contracts that operate utilizing decentralized information on a ledger, blockchain is able to provide unmatched security and speed for data transfers. This means that blockchain technology has an application in nearly every industry where value is exchanged. For this reason, many startups have started to explore how this technology can change the way the world works. Here are twelve of those startups, each of which are utilizing blockchain technology in new ways. Related: 10 Reasons Why Good Customer Service Is Your Most Important Metric ...

4 Trending Digital Payment Methods: Is Your Business Ready For Them?

Businesses and consumers alike are interested in faster, safer, and more convenient payment methods. Are you ready to go digital?   Demographics across the world are shifting. Millennials are now the most diverse and prominent generation in the US population.   As a generation heavily influenced by technology, their buying habits and expectations are all formed via the immediacy that smartphones, Internet, and modern conveniences engender.   Businesses and consumers alike are interested in faster, safer, and more convenient payment methods, as cash is becoming obsolete and credit cards are being phased out. Mobile and social payment options could be the future of millennial-driven purchasing, creating the sort of instant gratification that millennials expect.   Here are a few trending digital payment methods that Millennials will prefer to use in the coming year.     1. Mobile In-Store Payments & Apps...

EMV transactions: Is it time for you to upgrade?

Even if your business has not yet adopted an EMV-enabled solution, you’re probably somewhat familiar with the technology since it's among the most talked about developments in payments. EMV has proven to be an effective tool to fight card present payment fraud in Canada and many European countries. While EMV is new to the U.S., payment card fraud is not, with nearly $8.5 billion in fraudulent transactions in the U.S. in 2015 alone. What’s more, the U.S. represents nearly 40 percent of worldwide fraud, despite having less than 25 percent of transaction sales volume. EMV defined So what is EMV? EMV technology is based on specifications developed to ensure worldwide acceptance of secure payments by an organization called EMVCo, a group of leading companies in the payments industry including American Express, Discover, JCB, MasterCard, UnionPay, and Visa and supported by dozens of other companies in the industry. EMV has become the global standard for authenticating credit...