Javascript is required for this site to function correctly.
Please enable Javascript support.

Overview of PCI Header

All merchants will fall into one of the four merchant levels based on Visa transaction volume over a 12-month period. Most merchants which will find this website and the appropriate SAQ applicable will fall into Level 4 - the highlighted blue section.

* Any merchant that has suffered a hack that resulted in an account data compromise may be escalated to a higher validation level.

** A merchant meeting Level 1 criteria in any Visa country/region that operates in more than one country/region is considered a global Level 1 merchant. Exceptions may apply to global merchants if no common infrastructure exists or if Visa data is not aggregated across borders; in such cases the merchant validates according to regional levels.

In addition to adhering to the PCI Data Security Standard, compliance validation is required for Level 1, Level 2, and Level 3 merchants, and may be required for Level 4 merchants.

*The PCI DSS requires that all merchants with externally-facing IP addresses perform external network scanning to achieve compliance. Acquirers may require submission of scan reports and/or questionnaires by level 4 merchants. As a level 4 merchant with no external IP addresses connected to a system that processes cardholder data, all that is required is the annual SAQ!