|
|
|
|
|
|
|
As a Service Provider, it is important to understand how you are defined in the MasterCard SDP Program. This level of understanding will help define the compliance steps that you are required to complete.
The matrix below identifies Service Provider Levels, how they are defined, and the required validation procedures by Level.
|
Service Provider Definition
|
Criteria
|
Requirement
|
|
Level 1
|
- All TPPs
- All DSE’s that store, transmit, or process greater than 1,000,000 total combined MasterCard and Maestro transactions annually
|
- Annual Onsite review performed by a Qualified Security Assessor (QSA)
- Quarterly scan by an Approved Scanning Vendor (ASV)
|
|
Level 2
|
- Includes all DSE’s that store, transmit, or process less than 1,000,000 total combined MasterCard and Maestro transactions annually
|
- Annual Self-Assessment Questionnaire (SAQ)
- Quarterly scan by an Approved Scanning Vendor (ASV)
|
|
|
|
|
|
|
|
|
|