We’re pleased to report that after our most recent Level 1 Service Provider PCI Audit, Segpay remains in full compliance. What does this mean to you, our merchants? As a Level 1 service provider, Segpay is part of Visa’s Global Registry of Approved Service Providers. The Level 1 Audit is the deepest dive that a group of outside auditors will do on a payment system to be sure it’s secure. PCI compliance is also a requirement for any company to accept credit card payments.
All merchants processing between $1-6-million in transactions per year, and service providers processing, storing, or transmitting more than 300,000 card transactions per year are required to be audited for PCI compliance. A Level 1 Audit is also required for licensing in both the U.S. and the EU. This yearly process takes several team members to prepare and ensure we meet all the requirements mandated by the Payment Card Industry (PCI) Security Council. This is directed by American Express, Discover, JCB International, MasterCard, and Visa Inc. The requirements include things like completing an annual Report on Compliance (ROC) by a Qualified Security Assessor (QSA), a quarterly network scan by an approved scanning vendor (ASV) and internal scans, penetration tests, and attestation of compliance (AOC) forms are also completed as part of the requirements. For the ASV and internal scans, Segpay takes them a step further and processes monthly scans for both.
This process is designed to help everyone. It’s about the safety and security of merchants who rely on processors to have the tightest security measures in place to protect consumer data. We’re proud to say Segpay has completed its 2021 PCI audit and continues to remain fully PCI compliant.