Visa PCI DSS Service Provider Requirements | pciassessment.org

July 16, 2009

Listed below are the VISA Service Provider Requirements in regards to PCI DSS compliance.

Level 1 for Canada, Europe and USA

  • Annual on-site review by QSA
  • Quarterly Network Scan by ASV
  • Annual Self-Assessment Questionnaire (Note: Self Assessment Questionnaire required in CANADA and must be reviewed by a QSA)

Level 2 for Canada, Europe and USA

  • Annual on-site review by QSA
  • Quarterly Network Scan by ASV
  • Annual Self-Assessment Questionnaire (Note: Self Assessment Questionnaire required in CANADA and must be reviewed by a QSA)

Level 3 for Canada, Europe and USA

  • Annual on-site review by QSA
  • Quarterly Network Scan by ASV
  • Annual Self-Assessment Questionnaire (Note: Self Assessment Questionnaire required in CANADA and must be reviewed by a QSA)

In summary, if you are a Service Provider, an annual on-site assessment/review by a QSA will have to be conducted.

PCI DSS Requirements

Does your business meet the 12 requirements for achieving PCI DSS compliance?

  • Do you maintain a secure network?
  • How well do you protect cardholder data
  • What are your access control measures?

Learn about all 12 PCI DSS requirements