Overview
Visa and MasterCard have jointly developed a set of rules for merchants [people who take card payments] who store, process or otherwise have access to cardholder information. The objective of these rules is to ensure that the cardholder’s details remain safe.
These rules are commonly called PCI, or in a longer version as PCI DSS which stands for Payment Card Industry Data Security Standards.
All of the UK acquiring banks require merchants to comply with this rules to varying levels dependent on the amount of card payments that they take.
Typically following the guidelines laid down has helped many merchants improve their general security and in doing improved the value of their organisation.
The BIG question is “Do I need to be compliant ?”
All merchants, whether small or large, need to be PCI compliant. Visa and Mastercard have collectively adopted PCI DSS as the requirement for organisations that process, store or transmit payment cardholder data. PCI SSC is responsible for managing the security standards while each individual payment brand is responsible for managing and enforcing compliance to these standards.
For questions regarding compliance validation requirements and deadlines as well as compliance reporting requirements, we recommend that you contact your acquirer. For more information regarding the PCI security standards and supporting documentation, including the “Navigating the PCI DSS” as well as targeted Self Assessment Questionnaires to assist small and medium merchants, please visit the PCI SSC website at: www.pcisecuritystandards.org
organisationes are divided into four levels depending on the volume and type of transaction you process.
See the table below to find out which level your organisation is, and what you need to do to comply.
Level Criteria Compliance requirement
Level 1
Any merchant processing in excess of 6 million MasterCard OR Visa transactions a year or any merchant that has lost data due to a security breach, compromise or a “hack”
- Annual on-site audit
- Quarterly vulnerability scan
Level 2
Any merchant processing between 1 and 6 million Annual MasterCard OR Visa transactions a year
- Self Assessment Questionnaire
- Quarterly vulnerability scan
Level 3
Any e-commerce merchant processing between 20,000 and 1 million MasterCard OR Visa transactions a year
- Annual Self Assessment Questionnaire
- Quarterly vulnerability scan
Level 4
Any merchant not level 1, 2 or 3
- Annual Self Assessment Questionnaire
- Vulnerability scan at least annually
Best For
If you anticipate or are taking over £100,000 in foreign currencies then this solution may be for you.
Cardsave will setup a standard UK Merchant Account will also allows foreign currencies however will also setup Merchant Accounts in the other currencies that you require – typically Dollars & Euros. Whilst there may be other charges in terms of setting up the Dollar &Euro accounts it means that you have a simple solution that puts you in control of when to use/spend /convert the foreign currency.
