The Payment Card Industry Data Security Standard (PCI DSS) applies to companies of any size that accept credit card payments. If your company intends to accept card payment, and store, process or transmit cardholder data, you need to host your data securely with a PCI compliant hosting provider.
If many small businesses lose their ability to accept credit card payments due to de-certification it could have effects that are far-reaching. All stores who process cards are impacted by this new requirement. Online stores that use a hosted 'virtual' processing system are not PCI compliant. These merchants are not exempt from PCI compliance. Fraud prevention is not a laughing matter and needs to be taken seriously. What can you do if you are a merchant to be sure you are not de-certified?
You are a level 1 merchant if your company has over 6 million Visa and/or Mastercard transactions processed per year. This level requires yearly on-site reviews by an internal auditor, and a network scan by an approved scanning vendor (ASV). For a level 2 merchant you have 1 million to 6 million Visa and/or Mastercard transactions processed per year. You must complete a Self-Assessment Questionnaire (SAQ) annually, and this level requires a network scan with an approved scanning vendor.
Level 3 merchants have 20,000 to 1 million Visa and/or Mastercard e-commerce transactions processed per year. You must complete a Self-Assessment Questionnaire (SAQ) annually, and this level also requires a network scan with an approved scanning vendor. If you are a level 4 merchant you have less than 20,000 Visa and/or Mastercard e-commerce transactions processed per year. You must complete a Self-Assessment Questionnaire (SAQ) annually, and it requires a network scan with an approved scanning vendor.
By narrowing down what level and type of merchant you are, you're well on your way to becoming PCI compliant! PCI compliance is very important to your business and for your customers. Don't take it lightly.
If many small businesses lose their ability to accept credit card payments due to de-certification it could have effects that are far-reaching. All stores who process cards are impacted by this new requirement. Online stores that use a hosted 'virtual' processing system are not PCI compliant. These merchants are not exempt from PCI compliance. Fraud prevention is not a laughing matter and needs to be taken seriously. What can you do if you are a merchant to be sure you are not de-certified?
You are a level 1 merchant if your company has over 6 million Visa and/or Mastercard transactions processed per year. This level requires yearly on-site reviews by an internal auditor, and a network scan by an approved scanning vendor (ASV). For a level 2 merchant you have 1 million to 6 million Visa and/or Mastercard transactions processed per year. You must complete a Self-Assessment Questionnaire (SAQ) annually, and this level requires a network scan with an approved scanning vendor.
Level 3 merchants have 20,000 to 1 million Visa and/or Mastercard e-commerce transactions processed per year. You must complete a Self-Assessment Questionnaire (SAQ) annually, and this level also requires a network scan with an approved scanning vendor. If you are a level 4 merchant you have less than 20,000 Visa and/or Mastercard e-commerce transactions processed per year. You must complete a Self-Assessment Questionnaire (SAQ) annually, and it requires a network scan with an approved scanning vendor.
By narrowing down what level and type of merchant you are, you're well on your way to becoming PCI compliant! PCI compliance is very important to your business and for your customers. Don't take it lightly.
About the Author:
Want to find out more about pci compliance, then visit John Corey's site on how to choose the best pci compliance information for your needs.
