PCI DSS Certified Assessor
Merchant Compliance Levels
All vendors fall into one of four PCI merchant compliance levels. Your merchant level is defined by the major card vendors and assigned by the merchant acquirer or bank. The assigned merchant level is determined by the number of transactions that occur over a year.
PCI Compliance Level 1 - The merchant completes greater than 6 million transactions annually, has experienced an attack resulting in compromised card data, or the merchant has simply been deemed level 1 by a card association.
PCI Compliance Level 2 - The merchant completes between 1 million and 6 million transactions annually.
PCI Compliance Level 3 - The merchant completes between 20,000 and 1 million transactions annually.
PCI Compliance Level 4 - The merchant completes fewer than 20,000 transactions annually.
*Any merchant that has suffered a data breach of sensitive card data may be escalated to a higher validation level.*
Due to their high annual processing volumes, Level 1 Merchants must take the greatest efforts to secure the card processing systems. These merchants must complete annual on-site reviews by an auditor and successfully pass required network scans and penetration tests.
Merchant levels 2 through 4 must complete annual assessment questionnaires to validate that they operate in a PCI DSS compliant environment.
PCI DSS Requirements
The PCI DSS has 12 high-level requirements involving the protection of payment card data during processing, storage, or transmission. To be PCI compliant, entities must maintain secure internal operations, remediate insecure practices, and submit validation and/or compliance reports.
Chart retrieved from www.pcisecuritystandards.org
The Wildcard Differentiator
A Focus On Helping You Meet Deadlines
Wildcard’s compliance auditing framework is based on proven practices and principals that focus on conducting and completing the audit process with precision and expediency. We leverage our tools and processes to streamline the audit to identify gaps and offer remediations.
Wildcard offers a variety of services that align with the requirements associated with the PCI DSS. Wildcard can conduct the vulnerability assessment, penetration testing, and detection of common coding vulnerabilities. We can evaluate your environment to accurately determine the scope of the environment and conduct a gap analysis to address any lagging resources. Each of our services are designed to be integrated and to streamline the audit process for the most accurate and predictable results.
A Partner In Compliance
Wildcard assessors offer a unique blend of compliance, security, and workflow experience to efficiently drive results. We align our efforts with your organizational business objectives. We seek to help you build an environment where compliance boxes are checked because your operating standard is one driven by a secure culture.
Wildcard assessors have experience across multiple industries. We are able to understand the unique challenges facing your organizations and are able to evaluate the environment. We can apply DSS standards and compensating controls in the proper context to assist you in your compliance efforts.
Transparency & Clear Communication
A part of Wildcard’s mission is to provide its customers products and services that are transparent and easily understood. Wildcard prepares reports that are concise and delivered in an easily interpretable format.