If your business stores, processes or transmits cardholder data, you have an obligation to ensure you protect your customers and your business against data breaches. This applies to all businesses, regardless of size and is a mandatory requirement set up by the card schemes.
As CityPay does not evaluate PCI compliance requirements, we have partnered with Trustwave, a leading provider of PCI compliance management services. These services include quarterly scans, and auditing services.
You can reduce your exposure to risk with an integration with Paylink Hosted Form , Virtual Terminal Solutions , Card Holder Accounts , and Batch Payments . All sensitive information is stored and managed within our PCI compliant network rather than on your local network.
If you process primarily e-commerce transactions online you may have to complete and pass quarterly network scans. A scan is required for each external IP address that processes cardholder data and has to be validated by a PCI-DSS Approved Scanning Vendor (ASV). These checks are still mandatory to guarantee that your implementation is deployed in a compliant manner.
What level of merchant are you?
Whether you just process a few transactions or accept millions per year, your business is categorised by 4 PCI DSS levels. Your level is based on the following criteria and actions you need to take:
|Level||Type of Business||Actions required for compliancy|