Global Payments Level 4 Merchants PCI DSS Program

To demonstrate our level of commitment, Global Payments has engaged SecurityMetrics™, a leading provider and innovator in merchant data security and compliance for businesses worldwide, to assist Level 4 Merchants with secure and innovative Payment Card Industry (PCI) Data Security Standard (DSS) solutions for businesses. Global Payments in conjunction with SecurityMetrics™ offers the Level 4 Merchant PCI DSS Program designed to provide merchants with the resources needed to achieve and maintain PCI DSS Compliance. If your business accepts, stores, or transmits card data, PCI DSS compliance is required by card brands such as Visa, MasterCard and Discover.

The PCI DSS Program applies to all Level 4 Merchants, though all merchants are required to be compliant. Level 4 Merchants are all merchants regardless of acceptance channels processing less than 20,000 MasterCard or Visa ecommerce transactions per year and all other merchants processing up to 1 million MasterCard or Visa transactions per year.

The Level 4 Merchant PCI DSS Program is included in the PCI Compliance Fee merchant pay monthly to Global Payments per merchant ID (with up to 3 quarterly IP scans - additional scans can be accommodated at $5 per additional scan).

Non-compliance Fee - If PCI DSS is not achieved, maintained and posted in the SecurityMetrics portal, a noncompliance fee up to $100 a month per merchant ID.

  • Achieve and Maintain PCI Compliance - PCI compliance is not a single event, but an ongoing process. As technology and card processing situations change, SecurityMetrics PCI Focus is designed to help you achieve and maintain PCI compliance.
  • Consultation - SecurityMetrics assists merchants in validating compliance and implementing the Payment Card Industry Data Security Standard.
  • Prevent Cardholder Data Theft - SecurityMetrics PCI Focus guides you through PCI requirements to help you avoid data theft.
  • Avoid Fines - Reduces the risk of possible fines imposed by the Card Schemes and your merchant Acquirer.
  • Reduce liability - PANscan points you to files on your system where unencrypted card data is stored. This allows you to discover the storage source so future card storage can be stopped.
  • Protection - Each merchant enrolled in the program will be covered for up to $100,000 per merchant ID, should a breach occur at the merchant location.

The Payment Card Industry Data Security Standard (PCI DSS) was established in 2006 by the major card brands (Visa, MasterCard, American Express, Discover Financial Services, JCB International). All businesses that process, store, or transmit payment card data are required to implement the standard to prevent cardholder data theft.

Your business depends on your reputation and integrity. Ensuring cardholder data is secure will allow you to continue to grow your business while maintaining the integrity of your reputation. A security incident at your merchant location could result in loss of sales, adverse reputational damage and increased cost due to fines.

Global Payments requires merchants to achieve PCI DSS compliance and we report merchant PCI DSS status to the Card Schemes. If a merchant fails to achieve and maintain PCI DSS compliance, Global Payments will advise the merchant and apply a monthly non-compliance charge per merchant ID. If a merchant remains non-compliant, we will apply the monthly non-compliance charge per merchant ID for each month the merchant remains non-compliant. The charge will be applied the following month in arrears and is not refundable.

Sign Up for the Level 4 Merchant PCI DSS Program.

When signing up please have the following information available:

  • Your Merchant ID Number/s
  • All IP Address/es where card data is stored, processed or transmitted (which can be a website and/or office PC)
  • Details of any Payment Service Providers used
  • Authority to proceed (from the business owner if it's not you)

Call SecurityMetrics 877.705.6073* or Get Started now.

*Lines are open Monday to Friday, 4am - 8pm eastern. Calls may be monitored and/or recorded. Any recording remains SecurityMetrics sole property.

Merchants do not have to choose the Program, but merchants must achieve and maintain PCI DSS compliance. Essentially merchants have three options:

  • Option 1: Through an alternative Qualified Security Assessor (QSA).
  • Option 2: Complete a Self-Assessment Questionnaire (SAQ) - non scanning merchants only.
  • NOTE: If merchants choose one of the above options merchants will have to provide evidence of their compliance to SecurityMetrics to avoid the monthly $50 Non-compliance Fee*

  • Option 3: Fail to comply - Pay the monthly non-compliance charge and increase your risk of unlimited fines.

The PCI Data Security Standard represents a common set of industry tools and measurements to help ensure the safe handling of sensitive information. Initially created by aligning Visa's Account Information Security (AIS)/Cardholder Information Security (CISP) programs with MasterCard's Site Data Protection (SDP) program, the standard provides an actionable framework for developing a robust account data security process - including preventing, detecting and reacting to security incidents. The updated version, version 1.1, developed by the founding members of the PCI Security Standards Council, became effective with the launch of the PCI Security Standards Council.

Sign up for the Level 4 Merchant PCI DSS Program and get access to SecurityMetrics who will help merchants achieve and maintain PCI DSS compliance.

For additional information, click here to visit the Payment Card Industry Security Council website.