Qualified Security Assessors

PCI Fines

Save $$ - Become PCI Compliant
Find Your Merchant Level Below
Review Applicable PCI Compliance Regulations
Certify not to pay PCI Fines

What we Offer

Professionals who explain options
Tools for easy PCI Compliance Qualifying
Peace of mind with PCI Fines
"A Partner" in your success
 
Merchant Levels

Level 1

    Description: Any merchant, regardless of acceptance channel:
  • processing over 6,000,000 VISA / MasterCard transactions per year
  • has suffered a hack or an attack that resulted in an account data compromise
  • VISA / MasterCard determines should meet the Level 1 merchant requirements to minimize risk to their systems
  • identified by any payment card brand as Level 1

    Comply with DSS: Required
    On-Site Security Audit: Required Annually
    Self-Assessment Questionnaire: (not listed)
    Network Scans: Required Quarterly
    Validated By: Qualified Data Security Company and Independent Scan Vendor

Level 2

    Description: Any merchant processing 1,000,000 to 6,000,000 VISA / MasterCard e-commerce transactions per year.

    Comply with DSS: Required
    On-Site Security Audit: (not listed)
    Self-Assessment Questionnaire: Required Annually
    Network Scans: Required Quarterly
    Validated By: Merchant and Independent Scan Vendor

Level 3

    Description: Any merchant processing 20,000 to 1,000,000 VISA / MasterCard e-commerce transactions per year.

    Comply with DSS: Required
    On-Site Security Audit: (not listed)
    Self-Assessment Questionnaire: Required Annually
    Network Scans: Required Quarterly
    Validated By: Merchant and Independent Scan Vendor

Level 4

    Description: Any merchant processing fewer than 20,000 VISA / MasterCard e-commerce transactions per year, and all other merchants processing up to 1,000,000 Visa transactions per year.

    Comply with DSS: Required
    On-Site Security Audit: N/A
    Self-Assessment Questionnaire: Recommended Annually
    Network Scans: Quarterly Network Scan completed by Approved Scanning Vendor (if applicable)
    Validated By: Requirement set by Payment Processor

PCI Fines

Visa PCI Non-Compliance Fines

If a member bank, merchant or credit card service provider does not comply with the Payment Card Industry security requirements or fails to rectify a security issue, Visa may fine the responsible member. Visa may waive fines in the event of a data compromise if there is no evidence of non-compliance with PCI DSS and Visa rules.

To prevent fines, a member, merchant, or service provider must maintain full compliance at all times, including at the time of a breach, as demonstrated during a forensic investigation. Additionally, a member must demonstrate that, prior to the compromise, the compromised entity had already met the compliance validation requirements, demonstrating full compliance.

MasterCard Non-Compliance Fines

MasterCard has become the first card brand to publish its PCI fines and related requirements. The noncompliance assessment structure now contains escalating assessments per violation within a calendar year. (See chart to right.)

Maximum assessments for initial noncompliance for Level 2 and Level 3 merchants have increased to $25,000 and $10,000, respectively.

MasterCard has grouped Levels 1 and 2 together. The first violation for those groups is $25K, jumps to $50K for the second violation, $100K for the third violation and $200K for the fourth. Level 3 retailers face first through fourth violation fines of $10K, $20K, $40K and $80K. Service providers that are ranked either Level 1 or Level 2 will see first through fourth violation fines of $25K, $50K, $100K and $200K.

PCI Compliance Solutions

The Payment Card Industry Data Security Standard (PCI DSS) is a worldwide information security standard assembled by the Payment Card Industry Security Standards Council (PCI SSC). The standard was created to give organizations that process card payments ways and methods to prevent credit card fraud through increased internal controls around data and its exposure to compromise and theft.

We have the PCI Fines you need. The standards apply to all organizations that hold, process, or pass cardholder information from any card branded with the logo of one of the four major card brands: VISA, MasterCard, American Express and Discover Card.

Become PCI Compliant

Validation and certification of compliance can be performed either internally or externally, with our assistance, depending on the volume of card transactions the merchant organization is handling. Regardless of the size of the organization, compliance must be assessed annually.

Organizations handling large volumes of transactions (see chart above) must have their compliance assessed by an independent assessor known as a Qualified Security Assessor (QSA), while companies handling smaller volumes have the option of self-certification via a Self-Assessment Questionnaire (SAQ). In some regions these SAQs still require sign-off by a QSA for submission.

Requirements of PCI Fines

The current version of the PCI DSS specifies 12 requirements for compliance, organized into six logically related groups, which are called "control objectives."

Toll Free PCI Counselor Hotline: (866) 927-7180
Copyright © 2009