opener

Payment Card Policies

Payment Card Policies
Merchant Policies Templates and Supplemental Forms

All merchants must select the correct template, update the template, save, and keep on file for their particular merchant environment.

  • Category 1 - All credit card processing is outsourced.
  • Category 2 - Merchant only processes payments using a dial up (copper phone line or cellular) terminal.
  • Category 1 and 2 - Merchant Business Unit processes payments by dial up or cellular terminal and accepts payments by outsourced e-commerce website
  • Category 1, 2, and 4 - Merchant business Unit processes payments by dial up or cellular terminal and accepts payments by outsourced e-commerce website and also by virtual terminal.
  • Category 3 - Merchant only processes payments using an IP terminal.
  • Category 4 - Merchant only processes payments using a web-based (virtual terminal, and does not store cardholder data electronically.
  • Category 5 - Merchants which store cardholder data in electronic format, or does not fit categories 1 through 4.
  • Category P2PE - Merchant only processes payments using a validated P2PE solution or is using an E2EE solution that was verified by an application penetration test.

Merchant Operational Policies and Procedures Templates

Supplemental Forms

Diagram Guidance

Responsibility Checklists

General Merchant Policies

IT / Advanced Security Policies

Reviewed 2015-04-09.