PCI Compliance Consulting - What is required from each merchant?

FAQ

Tools

Primary links

What is required from each merchant?

The payment card brands have set forth the following requirements for merchants:

Merchant Level 1

An annual on-site security audit that is to be conducted by a qualified security assessor (QSA).
A quarterly network scan conducted by an independent scan vendor (ASV).

Merchant Level 2

An annual on-site security audit that is to be conducted by a qualified security assessor (QSA), or an internal audit that is signed by an internal officer who is qualified as internal security auditor (ISA).
A quarterly network scan conducted by an independent scan vendor (ASV).

Merchant Level 3

An annual PCI self assessment questionnairethat is validated by the merchant.
A quarterly network scan conducted by an independent scan vendor (ASV)

Merchant Level 4

A recommended annual PCI self assessment questionnaire that is validated by the merchant.
A recommended quarterly network scan conducted by an independent scan vendor

For details regarding PCI DSS or PA DSS please contact us at pci@grseecon.com or call +1.916.914.8556, +1.866.213.7116

Not in North America? Please contact us at sales@grseecon.com or call +44.762.412.8628, +44.793.700.3649, +972.52.3866591, +972.54.2405700