In: Electrical Engineering
explain the different levels of the PCI compliance (Payment Card Industry Security Standards Council) and what needs to be done for a corporation to satisfy the PCI requirements for the Level 4 (small-to-medium sized business)
If any corporation is willing to accept card payments, store, process and transmit the customers data, it must host the data securely with a PCI complaint hosting provider. Some of the primary members include Visa, Mastercard, JCB International etc.
Usually the business will fall into any of the below mentioned level based on the number of transactions processed per year.
1. PCI Level 1 Complaince - To fall into this level, the merchant must process over six million transactions per annum.
2. PCI Level 2 Complaince - As for this level, the merchant must process between one to six million trasactions per annum.
3. PCI Level 3 Complaince - Under this level, the merchant must process between 20,000 to one million transactions per annum.
4. PCI Level 4 Complaince - If a merchant processes less than 20,000 transactions annually it fall under this level.
A corporation must satisfy the following PCI requirements for PCI Level 4 complaince
1. A quarterly network scan must be done by an Approved Scanning Vendor
2. Must have an Self-Assessment Questionnaire (SQA) and need to check for any additional requirements related to your SAQ type
3. Must do an attestation of compliance form.