• WiFi Marketing

4 Levels of PCI Compliance For Restaurants & Retail Locations

by: Ron Zvagelsky On: July 24, 2018
3 min read

With the emphasis on security for all credit and debit card transactions, it’s important for every organization that accepts credit payments to understand the details of Payment Card Industry (PCI) data security standards.

That’s because PCI applies to anyone who handles card transactions – transmitting, accepting or storing card information. It doesn’t matter the size of the business or how many transactions they handle per month or year.

Here is how PCI works and how it can affect your business. It’s important to stay compliant, as fines can reach as much as $5,000 to $100,000 per month.

A Brief History

The PCI security standards launched in September 2006. The PCI Security Standards Council developed the standards and continues to manage and administrate them.

The independent council was created by all the major credit card brands – Visa, Mastercard, American Express, Discover and JCB. These brands are charged with enforcing the standards, not the PCI security council. All the current documents from the council are kept in an online library.

The idea is to make online transactions involving credit, debit and prepaid cards as safe and secure as possible.

The PCI Levels

The PCI security council established four different levels for card transaction security. They are based on the number of transactions an organization conducts over a one-year period. All merchants all into one of the four categories.

The level is determined by the aggregate number of transactions from a merchant listed as “doing business as” (DBA). Those with more than one DBA will have transactions from all them added together to determine the level.

Here are the levels. Keep in mind that this includes all card transactions – credit, debit and prepaid. Each of the transaction numbers are for a 12-month period.

  • Level 1. 6 million or more transactions as well as global transactions
  • Level 2. 1 million to 6 million transactions
  • Level 3. 20,000 to 1 million e-commerce transactions
  • Level 4. Less than 20,000 e-commerce transactions and up to 1 million transactions for other businesses

Also, any merchant can be listed at Level 1 at the discretion of the credit card brands if they determine extra levels of security are needed. Also, any merchant who has had their system breached may get elevated to a higher level regardless of the number of transactions.

Compliance at Each Level

It’s easy enough to see what level applies to your business. But what standards must be met at each level to be in compliant with PCI standards?

Level 1. Companies at this level must hire an outside, PCI security council-approved vendor to test their system and file an annual compliance report.

Level 2. Companies at this level can do a self-assessment of their system. However, some may be required to get evidence of passing a vulnerability scan with a PCI security council-approved scanning vendor

Levels 3 and 4. At these levels, merchants are also allowed to do a self-assessment.

Other Issues

Some other issues that frequently come up with PCI compliance include the following, according to the PCI Compliance Guide.

  • Merchants who take card orders over the phone must be PCI compliant
  • Organizations that hire a third-party card processing company must also maintain PCI compliance
  • Businesses with multiple locations may have to get evidence of passing a vulnerability scan at each location
  • Even if a merchant doesn’t store card data, PCI standards still apply – although it’s easier to become compliant if you don’t store card data

PCI compliance is a key component to having a secure system for credit card payments. Moreover, it’s required by the major credit card companies. Every merchant that accepts cards for payment must work to ensure they meet the standards.


Restaurant Marketing FAQs

What is Restaurant Marketing?

Restaurant marketing is the process of getting people to visit your restaurants. Restaurant marketing creates loyalty, provides data to research, analytics, and allows restaurants to gain a better understanding of their ideal customer profile. It utilizes all customer channels: guest WiFi, website, social, rating sites, mobile apps, email, text, and advertising.

Learn More About Restaurant Marketing Here

What is WiFi Marketing?

WiFi marketing is a marketing technique that uses guest WiFi to collect & clean customer data such as names, emails, phone numbers, customer behavior, and demographics. This data is used to personalize marketing campaigns to increase customer loyalty, build online reviews, and save at-risk customers. The performance of every campaign can be tracked down to the tangible ROI of a customer walking back in your door.

Learn More About WiFi Marketing Here

What is Restaurant Reputation Management?

Restaurant reputation management is the process for restaurants to manage customer feedback and creating systems to improve customer experiences, passively build positive online reviews, and save at-risk customers. It is a very important aspect of running a successful restaurant business.

Learn More About Restaurant Reputation Management Here

How Does Bloom Identify and Bring Back Lost Customers?

Bloom Intelligence uses machine learning to identify at-risk customers. When one is recognized, the system will send them a message with an incentive to get them to return and re-establish their visit pattern. Bloom users are seeing up to 37% of churning customers return.

Learn More About Saving At-Risk Customers Here


What our happy customers
are saying

Austin Eggleston
Bob Cross, Vice President of Operations
Ron Murray
Matt Thompson, Managing Partner
Jacqueline Martin

“I highly recommend restaurants, dental/medical offices, and other businesses look into Bloom Intelligence as 1) their marketing technology is very powerful and 2) their team is AWESOME. As a marketing agency, Bloom has helped several of our clients grow their businesses via building their database and re-targeting them at the right time. Thanks Again!”

Austin Eggleston

“We’re extremely pleased with the wealth of customer data that we’re able to gather, at a very attractive price.  In addition, we’re able to communicate our new product promotions by using  the landing page as a digital billboard.  A “no-brainer” for anyone working with limited Marketing $$.”

Bob Cross, Vice President of Operations

Atlanta Bread Company

“This is an integral part of our local store marketing program. We use the e-mails we collect to tell our existing customers about various promotions, specials and discounts, and the analytics tools are amazing at capturing and displaying smart device activity in and around our store.”

Ron Murray

Atlanta Bread Company

“They have always been attentive through whatever needs and questions we have.

They go above and beyond to make sure our team and customers stay connected while helping us with our marketing efforts.”

Matt Thompson, Managing Partner

Madison Social

“I am currently working with Bloom Intelligence with Matt Ronay and Edward Kennedy. They are great to work with, respond quickly, and provide great support for noth my company and my clients. I have used other WiFi platforms but never received this level of service. I was looking for a service that would make it easy for me to sell WiFi lead generation and analytics to my clients without a lot of problems. They have provided this above and beyond. I highly recommend them to any agency looking to add this type of program to your services.”

Jacqueline Martin

Subscribe Here for the Latest Updates

Never miss a post! We'll keep you up-to-date on the latest restaurant and retail WiFi marketing information.

Drop us a line!

We would love to hear from you! If you have any questions, comments or ideas about our blog, drop us a line and let us know.

Or call us at 727-877-8181.

Contact Us