Level 1: Merchants that process over 6 million card transactions annually.
Level 2: Merchants that process 1 to 6 million transactions annually.
Level 3: Merchants that process 20,000 to 1 million transactions annually.
Level 4: Merchants that process fewer than 20,000 transactions annually.
18 Jan 2022
Why is PCI DSS compliance important?
The whole purpose of the PCI DSS is to protect card data from hackers and thieves. By following this standard, you can keep your data secure, avoiding costly data breaches and protecting your employees and your customers.
13 Jul 2016
Who needs to comply with PCI DSS?
The PCI DSS applies to all entities that store, process, and/or transmit cardholder data. It covers technical and operational system components included in or connected to cardholder data. If you accept or process payment cards, PCI DSS applies to you.
Is PCI DSS compliance mandatory?
Although the PCI DSS must be implemented by all entities that process, store or transmit cardholder data, formal validation of PCI DSS compliance is not mandatory for all entities. Currently, both Visa and MasterCard require merchants and service providers to be validated according to the PCI DSS.
Do I need to comply with PCI DSS?
Any business that transmits, stores, handles, or accepts credit card data — regardless of size or processing volume — must comply with the PCI DSS. Even if you process only three credit card transactions a month, you must comply with PCI standards.