The following shares details for the tiered levels and audit compliance criteria for Pay Card Industry Data Security standard (PCI/DSS v3.2)

http://scanforsecurity.com/pci-dss-why-do-you-need-it-and-how-does-it-works/

PCI DSS (Pay Card Industry Data Security standard) is a security standard for the payment card industries. The standard has been developed by the international payment systems of Visa and MasterCard. Any organization that plans to accept and process the bank card data on its site must comply with PCI DSS requirements. There are four levels of PCI DSS certificates that are primarily different from the maximum number of transactions processed:

* Level 4 — up to 20 thousand transactions per year.
* Level 3 — 20 thousand to 1 million transactions per year.
* Level 2 — from 1 million up to 6 million transactions per year.
* Level 1 — only conducted with an independent auditor (QSA) and allows more than 6 million transactions per year to be processed.

PCI DSS certification allows you to work with banks directly through the bank’s payment interfaces and the internet enterprise itself. This eliminates the customer’s transition to a third-party site. In addition, building your own payment system allows you to work directly with multiple banks, “balancing” between them, and build a “cascade” system of payments. With a “cascade” payment, its authorization is performed sequentially in several banks and processing centers, which can significantly reduce the percentage of transactions that have been rejected.