Regulatory Compliance, Governance and Security

Jul 27 2009   11:49AM GMT

PCI DSS Service Provider Levels for VISA | Level 1 to Level 3



Posted by: Charles Denyer
Tags:
Annual onsite review by QSA
PCI DSS service provider levels
qsa
qualified security assessor
SAQ
visa
VisaNet

PCI DSS Service Providers Levels for VISA are defined as the following:

Level 1: All VisaNet processors (member and non-member) and all payment gateways.

Level 2: Service Providers (agents) not in Level 1 that store, process, or transmit > 1 million accounts/transactions annually.

Level 3: Service Providers (agents) not in Level 1 that store, process, or transmit < 1 million accounts/transactions annually.

Additionally, these various “levels” have predefined requirements for PCI DSS compliance, which essentially call for the following:

* Annual onsite review by QSA
* Quarterly network scan by ASV
* Annual Self-Assessment Questionnaire
(Canada: SAQ required and must be reviewed by QSA)

In short, you will need to retain a Qualified Security Assessor (QSA) to help with PCI DSS compliance. A QSA will assist in guiding your organization through an actual on-site assessment.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: