Posted by admin on Apr 16, 2010


Compliance is Necessary to Keep You Safe

Does every company have to comply with PCI DSS security regulations which protect cardholder information?

You bet they do.

Any merchant or payment provider which stores, processes, and/or transmits cardholder data must be PCI DSS compliant.  Regardless of how big or small the company is or the number or volume of payment processed. 

No payment or cardholder information can be retained by merchants unless incredibly strict compliance is achieved and maintained.

But wait, there’s more.

PCI security requirements apply to more than cardholder information in a digital form. 

Companies also must get rid of printed material that contains payment or cardholder information.  Disposal must be done in a responsible way which includes complete shredding of documents.

Entities that handle payment card transactions are categorized into 4 distinct levels.  The levels determine the validation processes that must be performed and maintained to ensure compliance.

  • Level 1: Merchants with more than 6 million card transactions.  Merchants which have had cardholder data compromised, regardless of size of merchant, are also included in Level 1.
  • Level 2: Merchants with card transactions between 1 and 6 million
  • Level 3: Merchants with card transaction between 20,000 and 1 million
  • Level 4: All other merchants

Off-load Compliance to Your Payment Gateway

Using a PCI-DSS compliant payment gateway helps you comply with regulations. When your process through a secure gateway, you can offload many of the PCI-DSS security requirements to the gateway provider. 

The gateway encrypts transactions, provides extensive security functions, protects you from processing vulnerability, and keeps your payments safe. 


Complying with PCI-DSS security requirements is necessary for all merchants. By using a payment processing gateway, you can offload much of the the "heavy lifting" required for PCI-DSS compliance to the gateway.

Saving you time, effort, and expense of handling PCI compliance on your own. 

How are you currently handling PCI-DSS requirements?

For more information, contact