Skip to content
Aanetic
💳 PCI DSS

PCI DSS for Merchants

Merchant Levels 1–4 validation

Merchants are categorised into four levels by annual card transaction volume. We confirm your level, select the right SAQ and prepare every artefact your acquirer expects.

Speak to a specialist →Back to PCI DSS
In scope

What this covers

The specifics that matter for PCI DSS for Merchants.

Get a scoping call
01

Level 1: >6M transactions/year — annual RoC by a QSA (or internal auditor) and quarterly ASV scans.

02

Level 2: 1M–6M transactions/year — annual SAQ and quarterly ASV scans.

03

Level 3: 20,000–1M e-commerce transactions/year — annual SAQ and quarterly ASV scans.

04

Level 4: <20,000 e-commerce or up to 1M total — annual SAQ and ASV scans per acquirer.

More in PCI DSS

PCI DSS for Service ProvidersLevel 1 & Level 2 service-provider validation

Get certified-ready for Merchants

Book a working session with an Aanetic expert and walk away with a clear roadmap.

Talk to an expertBrowse services