Although PCI compliance among Level 1 and Level 2 merchants has garnered much industry attention, savvy acquirers instead are focusing their attention on Level 4 merchants. Keeping these customers compliant—and secure—is the key to mitigating risk.

The 6 million Level 4 merchants in North America alone pose a significant risk for their acquirers. Defined by Visa as those with less than one million total transactions (or less than 20,000 e-commerce transactions) each year, these merchants represent 85 percent of reported data compromises, and their PCI compliance rates are in the single digits.

Engaging small merchants on security issues, however, is challenging because most are focused on daily business, and few have adequate resources to make compliance a priority. Therefore, it’s up to acquirers (banks and ISOs) to educate them and drive the compliance initiative.

Download the full PDF.