In order to help reduce the risks associated with data theft Visa made an announcement that smaller merchants (Level 4 Merchants) must utilize payment solutions providers that have achieved the Qualified Integrator and Reseller (QIR) certification. Smaller merchants remain targets of hackers that are attempting to compromise payment data. Investigators had concluded that there are links between data breaches and a lack of payment card industry (PCI) best practices, which is what is ultimately leading to these system compromises. Effective on January 31, 2017, all Level 4 merchants that use a Reseller or Integrator for payment applications and/or terminal installation services must only use a Registered PCI QIR Professional. In addition to this, all Level 4 merchants must ensure the annual validation of PCI Data Security Standard compliance.
It is not shocking that Visa is targeting Level 4 Merchants for their emphasis on payment security. Though Level 4 merchants rank among the smaller in the four tiers, they represent 90 percent of the five million-plus card-accepting merchants in the United States, and they also account for 94 percent of data breaches. This means that it is imperative that Level 4 merchants receive their QIR certification. Aside from increasing the merchants’ overall safety, there are many other benefits to becoming QIR certified. Becoming QIR certified allows merchants to use the QIR logo on promotional materials, leverage QIR training, and placement on the PCI Security Standards Council’s list of qualified providers.
8 steps to become a certified Qualified Integrator and Reseller by the January 31, 2017 deadline. https://t.co/nYJwABsHQk— Sterling Payment (@SterlingPayment) October 26, 2016
Employees of resellers and integrators may become QIR certified after taking an approved training program and passing a certification exam. Every company seeking to qualify needs at least one employee to pass the training. After they have passed the training, they will need to requalify every three years. For a reseller or an integrator to become QIR certified, they must also provide a business license and show that they have no criminal charges on their record. The company that is seeking qualification must confirm they support the PCI SSC Code of Professional Responsibility.
Follow these 8 steps below to becoming certified:
For more information, view Sterling Payment Technologies’ PCI QIR certification checklist and Guide to PCI QIR Certification for Resellers and Integrators.