| PCI Compliance for Level 3 Vendor [message #129] |
Mon, 07 December 2009 13:23  |
 creditcardsonline101
Messages: 3
Registered: December 2009 |
Junior Member |
|
|
I'm a small business who pushes all my credit card transactions through my merchant account. I don't store any credit card numbers physically or electronically on our computers or network. I'm very virtual.
I think, in the vernacular, I'm a level 3, 20K-1M online transactions vendor, none stored. I'm under $10M annually.
Are there any requirements for me to be PCI compliant?
I'm a small online business learning about credit card processing and collecting my thoughts at:
http://www.creditcardsonline101.com
|
|
|
| Re: PCI Compliance for Level 3 Vendor [message #131 is a reply to message #129 ] |
Mon, 07 December 2009 14:46  |
admin
Messages: 117
Registered: September 2007 |
Senior Member |
|
|
Yes because you are a level 3 merchant and you are an online merchant that processes cards from your website you will have to undergo:
1. Quarterly PCI compliance scans (by an Authorized Network Scanning Vendor)
2. Fill out a short PCI questionnaire annually.
3. Fill out an Attestation of Compliance for Onsite assessments, a sample of this form may be found here: https://www.pcisecuritystandards.org/saq/docs/aoc_merchants. doc
Again this is because you are Level 3 (20,000 to 1 million annual transactions). Different merchants are often times different levels and will have have the same requirements.
PCI compliance is mandatory for all merchants per the card Issuers (Visa, MC, etc), though some third party processors such as Paypal's beginner/free option covers PCI compliance for it's small merchants.
But if you want to upgrade to their Pro or WebPayments options you will find that you actually have a higher annual fee with them than you would with a merchant processor's PCI program (I have seen Paypal's PCI compliance for their WebPayments Merchant Account options for $199+) In the near future nearly ALL merchant providers will have their own PCI compliance programs that they will be able to assist you with. You may also reference this article for more information on PCI compliance and links to PCI compliance resource sites:
http://www.merchantseek.com/news/pr060308.htm
[Updated on: Mon, 07 December 2009 14:57]
Forum Admin
MerchantSeek.com
Your Payment Acceptance Source
|
|
|
|
| Re: PCI Compliance for Level 3 Vendor [message #133 is a reply to message #132 ] |
Mon, 07 December 2009 16:26 |
admin
Messages: 117
Registered: September 2007 |
Senior Member |
|
|
You will provide it to your merchant provider or scanning vendor upon their request. It is usuall your merchant provider's responsibility to ensure that all their merchants are pci compliant
Forum Admin
MerchantSeek.com
Your Payment Acceptance Source
|
|
|
Members
Search
Help
Register
Login
Home
E-mail to friend 
