Organisations that handle branded credit and debit cards from the major card schemes such as Visa, MasterCard, and American Express must comply with a proprietary information security standard known as the Payment Card Industry Data Security Standard, or PCI DSS.
PCI DSS compliance is governed by a regulating body, and is in place in order to ensure that all businesses that process, store, or transmit card information do so in a secure environment. PCI security standards help to reduce instances of fraud, as well as increasing client protection.
Simply by processing payments using our hosted integrations and virtual terminals you will automatically be achieving the required PCI compliance levels. We hold up-to-date PCI DSS certification, meaning that you can effectively piggyback off our compliance without the need to make any special arrangements.
However, should you require an API or other integration, we can assist you in achieving PCI Compliance. The following information details what is required of you in order to achieve one of the four different PCI standards.
If you’d like any further information please contact us and we’ll be more than happy to answer your questions and offer our expert advice.
PCI COMPLIANCE LEVEL 1 (HIGHEST LEVEL OF REQUIREMENT)
Over 6 million Visa and/or Mastercard transactions processed per year.
Should you be processing over 6 million Visa and/or Mastercard payments, it becomes necessary to have your company approved by an approved scanning vendor (ASV). This annual audit is completed on-site and various tests are conducted on the integrity of your systems and controls regarding payments will be analysed.
PCI COMPLIANCE LEVEL 2
1 million to 6 million Visa and/or Mastercard transactions processed per year
Should you be processing under 6 million Visa and/or Mastercard payments, you’ll need to complete a self-assessment PCI-SAQ questionnaire and undergo quarterly reviews.
PCI COMPLIANCE LEVEL 3
20,000 to 1 million Visa and/or Mastercard e-commerce transactions processed per year
Should you be processing under 6 million Visa and/or Mastercard payments, you’ll need to complete a self-assessment PCI-SAQ questionairre and unergo quarterly reviews.