MasterCard confirms it will enforce the PCI DSS compliance deadline for Level 2 merchants
As you probably recall, MasterCard issued a directive in 2009 that required all Level 2 merchants to comply with the PCI DSS through either a Self-Assessment Questionnaire (SAQ) prepared by a certified Internal Security Assessor or an assessment performed by a Qualified Security Assessor by June 30, 2010. Following an uproar from merchants, this was pushed back to June 30, 2012. The latest news is that MasterCard has every intention of sticking to this deadline. If you’re a Level 2 merchant with between 1 and 6 million MasterCard or VISA transactions per year, you should immediately contact your acquiring bank to confirm your SAQ or ROC reporting requirements.