Results 1 to 2 of 2
  1. #1

    Exclamation Level 2 Merchants Required to Have On-Site Assessment by QSA

    On June 15, 2009 MasterCard International introduced several changes to their Site Data Protection (SDP) program. Among these changes was a new requirement for Level 2 Merchants to undergo an on-site assessment by a Qualified Security Assessor in order to validate their PCI DSS compliance. The initial deadline for these validations is December 31, 2010.

    MasterCard has posted a change to their Site Data Protection program that requires Level 2 merchants to use a QSA and an on-site assessment. This is a dramatic change from the current, industry wide requirement of self-assessing for merchants processing less than six million transactions annually.

    While this is definitely going to put a dent in Level 2 merchant budgets from this point on, there have been a number of breeches involving larger merchants creating higher risk for the card brands. This is not an unexpected move by MasterCard and so far none of the other card brands have changed their status. Itís unclear if others will follow suit, but regardless, if you are defined as a Level 2 merchant with ANY card brand, you are automatically a Level 2 with MasterCard, and are now required to have an on-site assessment.

    Previously, Level 2 Merchants were required to submit an Annual Self-Assessment Questionnaire and undergo Quarterly Network Scans by an Approved Scan Vendor (ASV)... more
    ZZ Servers - Business Hosting, HIPAA and PCI Compliant Hosting Solutions -
    Xen Virtual Private Servers | Dedicated Servers | Shared Hosting
    Custom configurations, firewall, VPN, load balancers, private networks and more.

  2. #2
    Join Date
    Oct 2006
    Montreal, QC, Canada
    Level 2 merchants process between 1M and 6M of transactions per year. This means they likely have a multi-millions dollars of revenue. I guess they can absorb the expense :-)

    I wish I was a Level 2 merchant...

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts