What is the difference between Compliance and Validation?
Merchants are compliant when they are abiding by the new security standards. Compliance is required for merchants of all 4 levels. Validation is the process confirming that a merchant is abiding by the new security standards. To become validated, you must complete a Self Assessment Questionnaire and perform a Quarterly Network Scan on your system to detect potential vulnerabilities. Currently, Visa and MasterCard only require merchants in Levels 1 – 3 to be validated. However, Level 4 merchants still must be in compliance and are encouraged to validate.
You are compliant when you are abiding by the new security standards. Compliance is required for merchants on all levels. Validation is the process confirming that you are abiding by the new security standards. To become validated, you must complete a self-assessment questionnaire and perform a quarterly network scan on your system to detect potential vulnerabilities. Currently, Visa, MasterCard, Discover, only require merchants on levels 1 through 3 to be validated. However, Level 4 merchants still must be in compliance and are encouraged to validate.
Related Questions
- These levels determine the validation processes that a merchant must undertake in order to achieve and maintain compliance. Is there a distinction between the different types of service providers?
- Is a HEDIS Compliance Auditâ„¢ considered to be a validation of performance measures activity?
- Who is enforcing validation PCI DSS compliance?
