These levels determine the validation processes that a merchant must undertake in order to achieve and maintain compliance. Is there a distinction between the different types of service providers?
• Level 1: All payment processors and payment gateways • Level 2: All service providers not in level 1 but with more that 1 million credit card accounts or transactions. • Level 3: Service providers not in Level 1, with fewer than 1 million annual credit card accounts or transactions. These levels determine the validation processes that a service provider must undertake in order to achieve and maintain compliance. I am a merchant. How do I become PCI DSS compliant? Becoming PCI DSS compliant requires businesses to fulfill and demonstrate all the twelve requirements as laid out in PCI DSS. This is achieved as follows: • Level 1 merchants: Annual on site security audit & quarterly network scan. On site security audits are performed by a Qualified Security Assessor (QSA). • Level 2, 3, 4 merchants: Annual self assessment questionnaire & quarterly network scan. Self assessment questionnaires are compiled in-house by the merchant. Network scans are performed by an approved scan vendor (ASV)
Related Questions
- These levels determine the validation processes that a merchant must undertake in order to achieve and maintain compliance. Is there a distinction between the different types of service providers?
- Do currently available luteinising hormone-releasing hormone agonists achieve and maintain castration testosterone levels?
- With the standard changing, how can a merchant or processor hope to maintain its compliance?
