PCI Compliance

Acquirer Compliance

Back to compliance resources

Beginning in June of 2018, Acquirers will no longer be required by Discover® to submit a biannual DISC Acquirer Portfolio Compliance status Submission Form of their Merchants. In lieu of biannual portfolio submission, Acquirers will be asked on a periodic basis to answer a short list of questions regarding Acquirer Operating Regulation and Merchant Portfolio compliance as a part of the ongoing periodic review process by Discover. It remains the responsibility of the Acquirer to ensure that their merchants are following the appropriate DISC requirements for validating their compliance status.

Please refer to the Merchant Level table for required validation, reporting requirements and the acceptable PCI DSS version.

Service Provider & Acquirer Compliance

All acquirers that process, store or transmit cardholder data on the Discover® network are required annually to report their compliance status, as a service provider, to Discover® Global Network. Please refer to the Compliance Validation and Reporting Requirements for Service Providers for information on how to validate and report your compliance to Discover Network as a service provider.

Back to compliance resources

Contact Our Data Security Team

To report a data compromise or cardholder breach, call 1-800-347-3083. Or contact us for any compliance-related questions.
Contact Us