For service providers, multiple entities may be involved in determining their level. When a service provider is involved in the authorization of a transaction, the acquirer or payment brand may simply determine the transaction volume. However, if a service provider is not involved with authorizing transactions, their level may be determined by their merchant customers, acquirers, or by the service provider themselves.
Visa, MasterCard, Discover, and American Express categorize service providers according to transaction volume and/or type of service provided, and their PCI DSS compliance validation and reporting is defined according to the designated service provider level. For JCB International, service providers are not categorized according to transaction volume. Remember that compliance requirements and validation of compliance vary by payment brand.