There are four levels of PCI compliance as determined by Visa and MasterCard. These levels are based on the transaction volume (including credit, debit, and prepaid) over a 12-month period. Merchants that have been affected by a security breach which resulted in compromised card data may be escalated to the next level.
Merchant Level Description
- Any merchant processing over $6M Visa and/or MasterCard transactions per year.
- Any merchant processing $1M to $6M Visa and/or MasterCard transactions per year.
- Any merchant processing $20,000 to $1M Visa and/or e-commerce transactions per year.
- Any merchant processing less than $20,000 Visa and/or MasterCard e-commerce transactions per year, and all other merchants processing up to $1M Visa and/or MasterCard transactions per year.