The Different Levels of PCI Compliance

It is not unusual to hear on the news of yet another security breach where information regarding millions of credit cards has been compromised by hackers exploiting a retailer’s database over the Internet. In an effort to reduce credit card fraud and protect their interests and the public at large, the major players in the credit card industry banded together to form the Payment Card Industry Standards Council. This group established the PCI Data Security Standard (PCI DSS), which is used as the standard for keeping cardholder data secure and out of the hands of hackers.

Within the PCI DSS, there are four levels of PCI compliance. These levels apply to the volume and different types of credit card processing by individual merchants and apply to how they store and protect the information they gather when processing credit cards. The Council does not have legal authority to force retailers to follow the PCI DSS; however, if the retailers refuse to follow these guidelines, they may be forced to comply with a higher level of compliance as required by the individual credit card companies. All levels are required to have a network scan performed quarterly by an Approved Scanning Vendor (ASV) and complete an Attestation of Compliance. Additional steps are required according to the vendor’s designated PCI Compliance Level.

PCI Compliance Level 1

The highest level of security precautions are required for merchant accounts that process over six million credit card domestic transactions a year or participate in global transactions. A merchant in this category is required to hire a qualified security assessor to complete their annual compliance report.

PCI Compliance Level 2

This level of compliance applies to merchants with one to six million credit card processing transactions a year, whether they are through brick and mortar or e-commerce transactions. These merchants are permitted to complete a self-assessment questionnaire, rather than hiring a security assessor.

PCI Compliance Level 3

Merchants who process between 20,000 to one million e-commerce transactions a year are classified under PCI Compliance Level 3. This group is also permitted to complete their own self-assessment questionnaire each year.

PCI Compliance Level 4

This level applies to merchants who process less than 20,000 e-commerce transactions or up to one million in total of e-commerce and brick and mortar transactions. Additionally, merchants in this group are allowed to complete their own annual self-assessment questionnaires.

The cost to maintain a PCI compliance program varies according to the level required and the size of the merchant’s network, but is a necessary expense in order to conduct business. If a retailer refuses to comply or is lax in their PCI compliance, they could lose their merchant accounts with their credit card processor. Without an account, these retailers would be unable to process credit card payments for the convenience of their customers. Therefore, maintaining PCI compliance at their assigned level is essential to a merchant’s bottom line, in addition to preventing lawsuits and major financial losses due to security breaches.

Leave a Reply



It took me a while to decide who I wanted to settle with to handle all of my credit card transactions because every company wants to make it sound like they're offering you the best rates. was able compare and beat all of the other offers I received. They were also able to provide me the fairest price on my EMV-compliant terminal. My sales representative and the support team were there to assist every step of the way. Ultimately, I'm looking forward to a long term relationship with this company.

Roland Tran from the Hong Kong Kitchen

It is a pleasure dealing with these folks. Their pricing is fair, their statements are understandable and their employees are knowledgeable and friendly.

John MacMillian from the Great Lakes Baking Company

The service was very professional, my sales person (Steven B.) was very well versed in the product and most helpful in getting our company set up to accept credit cards via my cell phone. Their rates are some of the lowest on the market and their service is unparalleled. I will recommend them to anyone requiring a credit card processing service.

Michael Harper from Deluxe Auto Body

Jonathan C. is wonderful to work with. He is very helpful, accommodating and resolves any issue quickly. It is hard these days to find someone who gives great customer service, but I can say, Jonathan is the best! I would not hesitate to recommend him to any business owner and to assist you in helping to grow your business.

Linda Garner from Regali Da Forno

I called indecisive about getting a device, but speaking to your Sales Consultant completely settled me. He was very professional, knowledgeable and patiently walked me through the process. He always responded to my voicemails and answered all my questions. After I received my merchandise, he called following up to ensure that I had received it. Customer service I would say is 5 stars. Stellar! Thanks Credit Card Processing, I will definitely recommend you.

Sarah Morgan from Vision International Ministries
Call Us Today! (866) 837-0751

© 2016 All rights reserved. Privacy Policy
CREDITCARDPROCESSING.COM, LLC is a registered ISO of Wells Fargo Bank, N.A. Walnut Creek, CA

*Further terms and conditions may apply. Promotion contingent upon's receipt of written competing offer(s).

**Certain restrictions may apply.

Promotional offers brought to you by

Call (866) 837-0751 for details.