Who needs to complete PCI certification?
help IS HERE
PCI Compliance Standards links-critical
Every merchant and service provider who accepts, processes, stores, or transmits cardholder transactions.
All merchants must meet PCI Data Security Standard (DSS) requirements; however, merchant compliance validation has been prioritized based on the volume of transactions, the potential risk, and exposure introduced into the payment system.
PCI Compliance is critical. Your business can be subject to huge fines and you don't want to become the next TJ Maxx in the news. Compliance requirements vary by processing volume, however, the vast majority of businesses can complete the PCI Compliance Self Assessment. Most businesses are level 4 merchants as defined by Visa: Any merchant processing fewer than 20,000 Visa e-commerce transactions per year, and all other merchants-regardless of acceptance channel-processing up to 1,000,000 Visa transactions per year.
PCI Compliance Certification is not optional with us. We consider this an essential part of protecting your business.
All our customers are guided through the proper certification method.
Level 4 merchant requirements:
* Annual PCI Self-Assessment Questionnaire
* Quarterly Network Scan (if applicable)
see additional compliance articles in our learning station blog.
PCI Compliance provides merchants SAFE HARBOR
Safe harbor is the outcome of the PCI certification process and provides members protection from fines and compliance exposure in the event of a data compromise. To attain safe harbor status:
* A member, merchant, or service provider must maintain full compliance at all times, including at the time of breach as demonstrated during a forensic investigation.
* A member, merchant, or service provider must demonstrate that prior to the compromise their merchant had already met the compliance validation requirements, demonstrating full compliance. Note: It is important to note that the submission of compliance validation documentation, in and of itself, does not provide the member safe harbor status. The entity must have adhered to all the requirements at the time of the compromise.