Discover announces PCI data security merchant levels

Discover Financial Services announced it is rolling out an enhancement to its Discover Information Security and Compliance (DISC) program that will streamline the validation and reporting process, making it easier for merchants that process transactions on the Discover Network to communicate their compliance with the PCI Data Security Standard (DSS).

DISC is Discover Network’s compliance management program and was designed to support the requirements outlined in the PCI DSS. The PCI DSS is an industry security requirement for safeguarding payment cardholder data. It was developed to facilitate the broad adoption of consistent data security measures on a global basis to assist in the prevention of cardholder data compromises in the card payments industry. PCI DSS compliance is required of any organization that stores, processes or transmits payment cardholder data.

Discover’s merchant level framework enhancement helps bring network merchant categorization into closer alignment and each merchant level will have its own associated validation and reporting requirements. The merchant level framework is comprised of four levels:

• Level 1 – all merchants processing more than 6 million Discover Network transactions per year; any merchant that Discover Network determines should meet level 1 compliance and reporting requirements; all merchants required by another payments network to validate and report as a level 1 merchant
• Level 2 – all merchants processing 1 million to 6 million Discover Network transactions per year; all merchants required by another payments network to report compliance as a level 2 merchant
• Level 3 – all merchants processing 20,000 to 1 million Discover Network card-not-present only transactions per year; all merchants required by another payments network to report as a level 3 merchant
• Level 4 – all other merchants.