Skip to main content
midnight shape and orange half circle

Identify Your Merchant Level

Before embarking on the process of PCI compliance assessment, it's crucial to familiarize yourself with your merchant-level classification and the corresponding obligations for validation and reporting. Equally important is identifying whether you maintain a direct contractual association with Discover® (Discover Merchants) or if your contract aligns with a Discover Acquirer (Acquired Merchants). This knowledge will guide you in understanding where and how to submit your compliance report. Should you have any queries concerning your Discover Merchant type, please don't hesitate to reach out to your Discover representative or contact the DISC team at DISCCompliance@discover.com.

An organization's Discover Merchant Level is determined by several factors: yearly transaction volume, merchant level with other payment brands, and, in certain cases¹, the discretion of Discover.

Level
Description
Level
1
Description
  • All merchants conducting 6 Million or greater card transactions annually on the Discover network.
  • OR
  • Any merchant that Discover, at its exclusive discretion, deems should fulfill the Level 1 compliance validation and reporting prerequisites.
  • OR
  • All merchants compelled by another payment brand or acquirer to confirm and disclose their compliance as a Level 1 merchant.
Level
2
Description
  • All merchants conducting card transactions ranging from 1 Million to 6 Million annually within the Discover network.
Level
3
Description
  • All other merchants.

1. Any merchant experiencing a data security breach leading to the confirmed or suspected compromise of Discover Cardholder data might need to confirm their compliance with the PCI DSS at an elevated level, as determined solely by Discover's discretion.

Contact our Data Security team

For reporting a data breach or cardholder data compromise, dial 1-800-347-3083. Alternatively, reach out to us for any inquiries related to compliance.

Contact us