RPA, ML, and AI: Which Financial Automation Does Your Organization Need?
Sage IntacctBusinesses wishing to optimize financial management should know the basics about three financial...
Blog > Do You Know What PCI Level You Are? Retail Solutions to Determine Which Level You Are
If one of your retail solutions involves accepting credit card payments, you need to be PCI compliant.
Many online payment processing solutions will tell you their drop-in credit card widgets mean you don’t need to worry about being compliant but this is incorrect. Even if you use a third party to handle collection, processing and storage of cardholder data, you still need to comply and follow the required certification process.
Step 1 – Determining Your Compliance Level
Each credit card brand has their own compliance program that concentrates on the number of transactions just for their credit cards. To confuse matters further, each company differs in their level definitions and submission requirements.
For instance, according to Visa, Level 4 merchants are organizations that have up to 1 million Visa transactions per year. However, MasterCard categorizes organizations with that amount of transactions as Level 3 merchants. American Express does not have a Level 4.
Each level has its own compliance validation requirements. While Visa may classify you as a Level 4 merchant, American Express may view you as a Level 2 merchant.
In order to comply with the validation requirement for a Level 3 American Express merchant, you need to provide quarterly scans. But as a Level 4 Visa merchant, you only need to do so upon the discretion of their bank.
You can visit the below pages to determine the exact level you are by credit card brand and determine retail solutions to increase your Levels:
Ultimately, your PCI Level is decided on by the acquirer banks so it is a good idea to verify your assumptions with the bank.
What to Submit for Compliance Validation
Once you have determined which level you are, you can figure out what you need to provide the acquirer bank with to shop compliance validation.
So if you meet Level 4 requirements, you need to determine which SAQ is the right one to submit. You will also need to find out if you need to submit quarterly external scans.
There are 5 types of SAQs, labelled A through D. The version you need to complete will depend on whether you use your own retail solutions to process payments, accept credit cards and store cardholder data.
Need Help?
Vision33 offers out-of-the-box retail solutions for all your retail needs and will help determine your PCI Level. Get in touch today.
Subscribe to our newsletter to receive our latest blog posts, case studies and ERP news delivered straight to your inbox.
Businesses wishing to optimize financial management should know the basics about three financial...
Your business software is failing if it’s holding you back and wasting valuable time. A powerful...
An iPaaS solution can benefit your government agency by effortlessly integrating business systems,...
Recieve our latest blog posts, case studies, and ERP news
delivered straight to your inbox.