Uncategorized

MasterCard Site Data Protection Program

by

July 11, 2018

It’s vital you have the information you need to stay compliant when you’re processing credit card payments. Part of this is ensuring you meet the requirements of the various credit card issuers like Visa, AMEX, and MasterCard. In this article we’ll be exploring credit cards issued by MasterCard and governed by the MasterCard Site Data Protection (SDP) Program.

 


What is the MasterCard SDP?

Just like other card providers, a large part of the MasterCard’s requirements is making sure you’re complying with all aspects of PCI DSS — A set of guidelines and regulations on taking payment, securing information, and protecting your systems. If you’re not already familiar with it, be sure to check out our article on PCI compliance.

Once you’ve checked you’re meeting PCI DSS standards, you’ll need to make sure you’re compliant with MasterCard’s Site Data Protection program. In this article, we’ll break it down into easily understandable steps.

Find Out What “Level” You Are

MasterCard decides what you need to do based on the “level” it gives to you, called “merchant level.” Levels run from 1 (highest) to 4 (lowest). The higher your level, the more you’ll need to do for the SDP. MasterCard levels may overlap with Visa levels, but be sure to check all the requirements. Here are the factors to help decide what level you are.

Level 1 Merchants

You are a level 1 merchant if one or more of the following are true:

  • Credit card or account data you hold has been hacked, attacked, or compromised.
  • You’ve processed more than six million Maestro and MasterCard transactions in the last year.
  • Visa has determined you are a level 1 merchant. (Check your Visa level.)
  • MasterCard assigns you the status of level 1 merchant.

Level 2 Merchants

You are a level 2 merchant if one or more of the following are true:

  • You’ve processed more than one million but fewer than six million Maestro and MasterCard transactions in the last year.
  • Visa has determined you are a level 2 merchant.

Level 3 Merchants

You are a level 3 merchant if one or more of the following are true:

  • You’ve processed more than 20,000 but fewer than one million Maestro and MasterCard ecommerce transactions in the last year.
  • Visa has determined you are a level 3 merchant.

Level 4 Merchants

If you don’t meet any of the criteria above, you’re considered a level 4 merchant.

While we’ve provided these level outlines as a guide, MasterCard says that deciding your merchant level can raise questions. They recommend you contact your bank and ask for assistance.

Here’s what MasterCard needs you to do, based on your merchant level. Links below the chart also provide more information on each requirement.

MasterCard SDP levels

Qualified Security Assessor
Self-Assessment
Approved Scan Vendor

Once you know what you need to do for the MasterCard Site Data Protection Program, you’ll need to contact an approved vendor to carry out the requirements and go through the validation process. Then, after you’re verified as compliant, let your bank know and they will confirm your compliance to MasterCard.

Useful Resources and Further Information

TwitterFacebookLinkedIn
Paul Maplesden

BY Paul Maplesden

Paul Maplesden is a freelance writer specializing in business, finance, and technology. He brings shrewd research skills to CardFellow, resulting in detailed, actionable information for business owners.Paul finds writing about money deeply interesting, and much of his work for CardFellow focuses on the intersection of payments and technology. Whether he's writing about the latest payment app or detailing the differences in popular ecommerce platforms, Paul's work helps businesses understand the myriad products and services available in the processing industry.Aside from writing, he loves Earl Grey tea, pivot tables, hats, and other fine geekery.

FOUND THIS USEFUL? SHARE THIS!
 

Credit Card Processing exposed

Use the secrets that credit card processors don't want
you to know to drastically lower your credit card
processing fees.

Read Now!
 

You might also like…

American Express Data Security Operating Policy
Visa-Cardholder-Information-Security-Program

View all articles

Please join the conversation

Your email address will not be published.