Merchants fall under four categories of PCI compliance with each level defined by the number of transactions they process
each year and whether those transactions are performed from a brick and mortar location or over the Internet. Each payment
card brand (Visa, MasterCard, etc.) has their own requirements and definitions of PCI compliance levels. Visa's definition
of PCI compliance level four merchants are those processing less than 20,000 Visa e-commerce transitions annually and all
other merchants processing up to 1 million Visa transactions annually.
In order for businesses to satisfy Visa's Level 4 merchant PCI compliance requirements, the following steps must be completed:
- Identify your validation type, as defined by the PCI DSS, to determine
which Self Assessment Questionnaire (SAQ) is appropriate for your business.
- Complete the SAQ according to the instructions and guidelines.
- Complete and obtain evidence of a passing vulnerability scan with a PCI SSC Approved Scanning Vendor (ASV).
However, scanning only applies to those for Validation Type 4 and 5, with external facing IP addresses.
- Complete the relevant Attestation of Compliance in its entirety, which is located in the SAQ tool.
- Submit the SAQ, evidence passing scan (if applicable) and the Attestation of Compliance, along with any other
requested documentation to your acquirer.
Element can help some merchants reduce their PCI compliance burden though their PCI DSS-compliant payment processing
solutions, including point-to-point encryption and
TransForm® tokenization technology. This helps merchants qualify for SAQ C
which contains significantly fewer questions than SAQ D (only 41 compared to 223), saving you time and giving you the
confidence that your payment transactions are protected by the most secure payment solution available.
Element has also partnered with Trustwave, a leading provider of PCI compliance management solutions to help ease the
process of compliance for businesses working toward Level 4 PCI DSS compliance. Element merchants are granted access to
Trustwave technologies to help make compliance validation easy and efficient, including non-technical users, as part of the
Element's PCI Compliance Program.
To learn more about the PCI Level 4 Compliance Program, view the brochure or
contact us today.