PCI Merchant Compliance - SecurityMetrics

PCI DSS Service Provider Compliance Levels

All major credit card associations such as Visa, MasterCard, American Express, Discover, Diners Club and JCB all endorse, and require the unified PCI Data Security Standards.

Compliance Overview

Acquiring members must use, and are responsible for ensuring that their merchants use, service providers that are CISP-compliant. Visa acquiring members are responsible for any liability that may occur as a result of non-compliance with Visa CISP.

Service Provider Definition
Service providers are organizations that process, store, or transmit cardholder data on behalf of acquirers/members, merchants, or other service providers.

PCI Data Security Standards Summary

The following table summarizes the PCI Data Security Standards by service provider level:

Service Provider Level	Criteria	Validation Requirements
1	Merchants processing over 6 million Visa transactions annually (all channels) or Global merchants identified as Level 1 by any Visa region 2	Annual Report on Compliance ("ROC") by Qualified Security Assessor ("QSA") Quarterly network scan by Approved Scan Vendor ("ASV") Attestation of Compliance Form
2	Merchants processing 1 million to 6 million Visa transactions annually (all channels)	Annual Self-Assessment Questionnaire ("SAQ") Quarterly network scan by ASV Attestation of Compliance Form
3	Merchants processing 20,000 to 1 million Visa e-commerce transactions annually	Annual SAQ Quarterly network scan by ASV Attestation of Compliance Form
4	Merchants processing less than 20,000 Visa e-commerce transactions annually and all other merchants processing up to 1 million Visa transactions annually	Annual SAQ recommended Quarterly network scan by ASV if applicable Compliance validation requirements set by acquirer

Enroll Now for Guaranteed Merchant Compliance

Additional Compliance Information

• Merchant Compliance Summary
• Merchant Compliance Levels
• Merchant Compliance Guide (PDF)
• More on Site Certification

Free Compliance Consultation

Call 801.705.5665 if you would like to speak to one of our Compliance Specialists about your unique situation, special considerations or custom solutions.

Merchant Compliance Guarantee

SecurityMetrics Site Certification is guaranteed. We guarantee to provide the information required for compliance.

If you require compliance information, technical assistance, additional scanning results or any other information we will provide it for you at no charge to ensure you can become compliant as soon as possible.