Error message

  • Deprecated function: Array and string offset access syntax with curly braces is deprecated in include_once() (line 20 of /home/drbiz/public/
  • Deprecated function: implode(): Passing glue string after array is deprecated. Swap the parameters in drupal_get_feeds() (line 394 of /home/drbiz/public/

Merchant Level

The Payment Card Industry defines four merchant levels based on the number of transactions per year with a single card issuer and prior history. The table below shows the level requirements and auditing requirements.

Merchant Level e-Commerce Transactions /year Non e-Commerce Transactions /year Validation Action Validated By
1 6,000,000+ 6,000,000+ Annual on-site PCI Assessment Qualified Security Assessor OR Internal Audit if signed by company officer
2 1,000,000-5,999,999 1,000,000-5,999,999 Annual PCI Self-Assessment Merchant
3 20,000-999,999 Not Applicable Annual PCI Self-Assessment Merchant
4 1-19,999 1-999,999 Annual PCI Self-Assessment Merchant

In addition to the above validation requirements, a quarterly network scan by an approved scanning vendor is required. This may not apply to all merchants. Contact Daly Realism for details.

Each of the limits apply separately to each card issuer. It is possible to be level 3 for one issuer and level 4 or another. At each issuers discresion, an issuer may require a merchant to go to a higher (smaller number) level.

Daly Realism focuses on providing services to Merchants in levels 2-4.