|
Supporting your company's self audit, our
PCI Compliance Services will plan, assess
and remediate any gaps in your security
to achieve compliance with all Payment Card
Industry requirements(see below). Whether
you need support finding and implementing
scanning, encryption or two factor authentication,
our certified consultants and engineers
will deliver more than reports; they deliver
results. And once you're compliant, we can
monitor your security infrastructure 24
hours a day to ensure that you have a secure
posture. Call us today for a free consultation.
All major credit card providors require
compliance with the PCI Standard of all
merchants and service providers(third party
processors, data storage entities, etc.)
that store, process, or transmit cardholder
data. The program applies to all payment
channels, including retail, mail/telephone,
and e-commerce. Additional requirements
by each card provider is required to achieve
"safe harbor". Failure to comply
could result in significant fines, loss
of service or other restrictions. For specific
details, please visit the websites of each
provider.
You can download the entire Payment Card
Industry (PCI) Data Security Standard here.
|
Merchant Defnition
|
Criteria
|
Onsite Review
|
Self Assessment
|
Network Security
Scan
|
Compliance Date
|
|
Level 1
|
• All merchants, including electronic
commerce merchants, with more than six
million total MasterCard transactions
annually
• All merchants that experienced
an account compromise
• All merchants meeting or exceeding
the Level 1 criteria of a competing
payment brand
• Any merchant that MasterCard,
at its sole discretion, determines should
meet the Level 1 merchant requirements
|
Required Annually1
|
Not Required
|
Required Quarterly2
|
30 June 2005
|
|
Level 2
|
• All merchants with annual MasterCard
e-commerce transactions between 150,000
and 6 million
• All merchants meeting or exceeding
the Level 2 criteria of a competing
payment brand |
Not required
|
Required Annually
|
Required Quarterly2
|
30 June 2004
|
|
Level 3
|
• All merchants with annual MasterCard
e-commerce transactions between 20,000
and 150,000
• All merchants meeting or exceeding
the Level 3 criteria of a competing
payment brand |
Not Required
|
Required Annually
|
Required Quarterly2
|
30 June 2005
|
|
Level 4
|
• All other merchants |
Not Required
|
Required Annually
|
Required Quarterly2
|
N/A
|
1 For Level 1 merchants,
the annual onsite review may be conducted
by either the merchant’s internal auditor
or a qualified onsite security assessor.
2 To fulfill the network scanning requirement,
all Level 1, 2 and 3 merchants must conduct
scans on a quarterly basis using a trusted
scanning vendor.
Contact us today
to learn how our PCI Compliance services
can help you:
 |
Enhance your
security posture |
|
Increase operational efficiency |
|
Receive early warnings to emerging
threats |
|
Address regulatory compliance |
|
 |
| 
