Payment Card Industry (PCI) Compliance is a set of security standards that were created by the major credit card companies (American Express, Discover Financial Services, JCB, MasterCard Worldwide, and Visa International) to protect their customers from increasing identity theft and security breaches. Any company that accepts, processes, or stores credit card information needs to comply with the standards set by the Payment Card Industry.
Vulnerability Assessment Scans must be performed by Payment Card Industry Approved Scanning Vendors (ASV). The scan covers all externally facing IP addresses that touch the credit card acceptance, transmission and storage process. Scans must be turned in to the merchant bank on a quarterly basis.
If a level 3, 4 or 5 vulnerability is found during a PCI Scan, the company will not receive a passing PCI Scan report.
The PCI compliance process can take anywhere from one day to two weeks. The amount of time it takes for a company to be considered PCI Compliant is dependent on the threats the PCI scan discovers and the amount of time it takes to complete the self assessment questionnaire.
Both the passing PCI Scan and the Annual Self Assessment Questionnaire should be turned in to your merchant bank. Your merchant bank will then report back to the Payment Card Industry that your company is PCI Compliant.
What are my requirements for PCI Compliance?
The requirements for becoming Payment Card Industry (PCI) Compliant are dependent upon the merchant level that a company falls under. Merchants are divided into four different levels based on the number of transactions they process throughout a year.
Level 1 Criteria:
- Merchants with over 6 million transactions a year
- Merchants whose data has been compromised
Level 1 Requirements:
- Annual Onsite Security Audit and quarterly network security scan
Level 2 Criteria:
- Merchants with 150,000 to 6 million transactions a year
Level 2 Requirements:
- Annual Self Assessment Questionnaire.
- Quarterly Scan by an Approved PCI Scanning Vendor
Level 3 Criteria:
- Merchants with 20,000 to 150,000 transactions a year
Level 3 Requirements:
- Quarterly Scan by an Approved PCI Scanning Vendor
- Annual Self Assessment Questionnaire
Level 4 Criteria:
- Merchants with less than 20,000 transactions
Level 4 Requirements:
- Need to report compliance but must maintain compliance.