PCI DSS Requirements and PCI DSS Merchant Levels | American Express | AMEX

Charles Denyer — Fri, 26 Jun 2009 15:16:18 +0000

While most individuals focus on Merchant Levels for VISA, it’s important to note that the additional payment brands, such as American Expresss (AMEX), have defined their own respective merchant levels based on transaction volume and what the requirements are. With that said, listed below are AMEX’s Merchant Levels and their corresponding requirements:

Level 1: Merchants processing over 2.5 million American Express Card transactions annually or any merchant that American Express otherwise deems a Level 1.

Level 2: Merchants providing 50,000 to 2.5 million American Express transactions annually or any merchant that American Express otherwise deems Level 2.

Level 3: Merchants processing less than 50,000 American Express transactions annually.

Level 4: NA. (AMEX does not have a 4th level, such as VISA).

Level 1 Requirements: Annual onsite review by QSA (PCI DSS Assessment) and Quarterly Network Scan by ASV.

Level 2 Requirements:Quarterly Network Scan by ASV.

Level 3 Requirements:Quarterly Network Scan by ASV.

To learn about PCI DSS compliance and the varying requirements for merchants and service providers, please visit pciassessment.org

Regulatory Compliance, Governance and Security » PCI DSS Requirements and PCI DSS Merchant Levels | American Express | AMEX

PCI DSS Requirements and PCI DSS Merchant Levels | American Express | AMEX