Payment Card Industry Data Security Standards

 

Protect Your Cardholder Data.

Merchant levels defined

All merchants will fall into one of the four merchant levels based on transaction volume over a 12-month period. Transaction volume is based on the aggregate number of transactions (inclusive of credit, debit and prepaid) from a merchant Doing Business As ("DBA"). In cases where a merchant corporation has more than one DBA, the aggregate volume of transactions stored, processed or transmitted by the corporate entity is used to determine the validation level. If data is not aggregated, such that the corporate entity does not store, process or transmit cardholder data on behalf of multiple DBAs, the DBA's individual transaction volume will be used to determine the validation level. Merchant levels are defined as:

| Merchant Level* | Description |
| --- | --- |
| 1 | Any merchant, regardless of acceptance channel, processing over 6,000,000 Visa/MasterCard transactions per year. Any merchant that Visa/MasterCard, at its sole discretion, determines should meet the Level 1 merchant requirements to minimize risk to the Visa/MasterCard system. |
| 2 | Any merchant, regardless of acceptance channel, processing 1,000,000 to 6,000,000 Visa/MasterCard transactions per year. |
| 3 | Any merchant processing 20,000 to 1,000,000 Visa/MasterCard e-commerce transactions per year. |
| 4 | Any merchant processing fewer than 20,000 Visa/MasterCard e-commerce transactions per year, and all other merchants, regardless of acceptance channel, processing up to 1,000,000 Visa/MasterCard transactions per year. |

* New merchant level definitions effective as of July 18, 2006.

** Any merchant that has suffered a hack that resulted in an account data compromise may be escalated to a higher validation level.

Compliance validation basics

In addition to adhering to the PCI Data Security Standard, compliance validation is required for Level 1, Level 2, and Level 3 merchants, and may be required for Level 4 merchants.

| Merchant Level | On-Site PCI Security Audit | Self Assessment Questionnaire | Network Scan |
| --- | --- | --- | --- |
| 1 | Required Annually | | Required Quarterly |
| 2 and 3 | | Required Annually | Required Quarterly |
| 4 | | Recommended Annually | Recommended Quarterly |

The PCI DSS requires that all merchants perform external network scanning to achieve compliance. Level 4 merchants, new or changing processors, will be required to use a compliant application or prove compliance beginning October 2008 and may be required to submit the self assessment questionnaire and quarterly scan reports.

Copyright 2005 PinnaclePay Merchant Services Inc.  sales@pinnaclepay.com