n 2006, due to the ubiquity of online shopping and lack of security around a new form of credit card use, American Express, MasterCard, Visa, Discover, and JCB International founded the Security Standards Council to combat the threat of cardholder data theft. This council drafted rules for merchants and payment processors, designed to protect cardholder data and keep everyone safe from fraud. The PCI-DSS—the Payment Card Industry Data Security Standards—are regulations that all merchants must stay compliant with in order to accept credit cards.
4 Levels of Compliance
This is considered the highest level of security. Merchants who must comply with Level 1 do more than 6 million Visa or Mastercard transactions annually. However, Visa may use their discretion to deem any merchant Level 1 depending on perceived risk. Level 1 is the only level where in-person assessments by a Qualified Security Assessor (QSA) and network scans of the merchant must be conducted on a yearly basis.
Merchants who must comply with Level 2 do between 1 million and 6 million Visa or Mastercard transactions annually. Unlike Level 1 merchants, Level 2 merchants, along with merchants belonging to Levels 3 and 4, do not have to be assessed by a QSA. Instead, merchants can assess themselves using the PCI questionnaire. The merchants who belong to the bottom three levels also must conduct a quarterly network scan and submit an attestation of compliance form.
Merchants who must comply with Level 3 do between 20,000 and 1 million Visa or Mastercard transactions annually.
Merchants who must comply with Level 4 do less than 20,000 Via or MasterCard transactions annually.
No matter what PCI level your business belongs to, PayArc is here to help. We ourselves are Level 1 compliant, so we know how important it is to protect cardholder data. We have partnered with ControlScan to keep the PCI-compliance process as simple as possible for our merchants while also being ahead of the game in security.
Want to know more? Click here to learn more about PayArc’s relationship with ControlScan and how it can benefit your business.