India:+91 98183 98494
UAE:+971 54 299 7566

External Vulnerability Scans (ASV)

All entities including merchants, service providers and financial institutions must get a quarterly scan completed to remain compliant with the PCI DSS standards. The table below lists the Quarterly network scan requirements for service providers by region.

Visa USA & CEMEA- Service Provider Levels and Validation Actions

Level 1

All VisaNet processors (member and non-member) and all payment gateways

  • Annual On-Site PCI DSS Assessment
  • Quarterly Network Scan

Level 2

Any service provider that is not in Level 1 and stores, processes, or transmits more than 1,000,000 Visa accounts/transactions annually.

  • Annual On-Site PCI DSS Assessment
  • Quarterly Network Scan

Level 3

Any service provider that is not in Level 1 and stores, processes, or transmits fewer than 1,000,000 Visa accounts/transactions annually.

  • PCI Self-Assessment Questionnaire
  • Quarterly Network Scan

According to Visa, payment gateways are a category of agent or service provider that stores, processes, and/or transmits cardholder data as part of a payment transaction. Specifically, they enable payment transactions between merchants and processors.

Visa Asia/Pacific-Service Provider Levels and Validation Actions

Self Assessment Questionnaire

  • More than 600,000 Visa transactions per year :- Optional
  • Between 120,000 and 600,000 Visa transactions per year :- Mandated
  • Less than 120,000 Visa transactions :- Mandated

Quarterly Network Scan

  • More than 600,000 Visa transactions per year :- Mandated
  • Between 120,000 and 600,000 Visa transactions per year :- Mandated
  • Less than 120,000 Visa transactions :- Recommended

Request a Quote

Hi 👋, Welcome to GTIS. Let's get started.

Please let us know what brings you here

!
Need help? Chat with us!