Overview

Visa and MasterCard have jointly developed a set of rules for merchants [people who take card payments] who store, process or otherwise have access to cardholder information. The objective of these rules is to ensure that the cardholder’s details remain safe.

These rules are commonly called PCI or, in full, PCI DSS, which stands for Payment Card Industry Data Security Standards.

All of the UK acquiring banks require merchants to comply with these rules, to varying levels depending on the number of card payments that they take.

Typically, following the guidelines laid down has helped many merchants improve their general security and, in doing so, improve the value of their business.

The BIG question is “Do I need to be compliant?”

All merchants, whether small or large, need to be PCI compliant.

Visa and Mastercard have collectively adopted PCI DSS as the requirement for organisations that process, store or transmit payment cardholder data.

For questions regarding compliance validation requirements and deadlines as well as compliance reporting requirements, we recommend that you contact your merchant acquirer - if you are a Cardsave customer please call us and we will be happy to help.

For more information regarding the PCI security standards and supporting documentation, including “Navigating the PCI DSS” and the targeted Self Assessment Questionnaires that assist small and medium merchants, please visit the PCI SSC website at: www.pcisecuritystandards.org

 

PCI Levels

Businesses are divided into four levels depending on the volume and type of transactions they process.

See the table below to find out which level your business falls into, and what you need to do to comply.

Level | Criteria | Compliance requirement

Level 1

Any merchant processing in excess of 6 million MasterCard OR Visa transactions a year, or any merchant that has lost data due to a security breach, compromise or “hack”

  • Annual on-site audit
  • Quarterly vulnerability scan

Level 2

Any merchant processing between 1 and 6 million MasterCard OR Visa transactions a year

  • Self Assessment Questionnaire
  • Quarterly vulnerability scan

Level 3

Any e-commerce merchant processing between 20,000 and 1 million MasterCard OR Visa transactions a year

  • Annual Self Assessment Questionnaire
  • Quarterly vulnerability scan

Level 4

Any merchant not in Level 1, 2 or 3

  • Annual Self Assessment Questionnaire
  • Vulnerability scan at least annually

 


©2011 Cardsave. All Rights Reserved
