PCI Compliance (PCI) is the standard for securing the brand’s cardholder data, wherever it is located. Acquiring Banks must comply with PCI Compliance and are responsible for ensuring the compliance of their merchants for all payment channels, including retail (brick-and-mortar), mail/telephone-order and ecommerce.
Compliance is required of all entities storing, processing, or transmitting cardholder data.
For Merchants there are 4 levels depending on the annual number of transactions they store, process or transmit.
- Level 1 – Merchants processing more than 6 million transactions annually
- Level 2 – Merchants processing 1 million to 6 million transactions annually via all channels
- Level 3 – Merchants processing 20,000 to 1 million transactions annually
- Level 4 – E-commerce merchants processing fewer then 20,000 transactions annually
- Level 4 – Non e-commerce merchants processing up to 1 million transactions annually
Service provider levels
There are two levels of service provider depending on the annual number of transactions they store, process or transmit.
Level 1 member agents – Any service provider that stores, processes and/or transmits more than 300,000 transactions annually
Level 2 member agents – Any service provider that stores, processes and/or transmits fewer than 300,000 transactions annually
The Benefits of Becoming PCI Compliant
- By adhering to these requirements the protection of customers and employees is assured.
- Minimised and encrypted data sources – drastically reducing the risk of fraud which can have crippling consequences.
- Independent security evaluation on your systems and security within the PCI DSS scope.
- Security is tested regularly and anti-virus software is maintained and updated regularly.
- Restricted access to card details on a need-to-know basis. All access is logged and fully traceable – offering you peace of mind.
- Increased protection of any potential unknown security threats such as identity theft and fraud.
- Part of PCI DSS is to have AVS scans completed to check for vulnerabilities or threats that cause breaches.
- Increase in customer’s trust.
- Ability to have a payment gateway on your website that is in accordance with your acquiring bank contract – so you avoid big fines!
- Your customers know their payment transactions are safe.
- A listing on the PCI DSS service providers gateway.
- Ability to present the PCI DSS Compliant Logo on your website.