Answer : Merchant Levels are based on the number of transactions (not dollar amount) processed in one calendar year. Transaction counts are per card brand, not a total among all card brands. With that said, it should be noted that each Credit Card brand has their own Merchant Level qualifications.
It is important to note that all merchants who fall under Level 2, 3, or 4 are eligible to complete the Self-Assessment Questionnaire (SAQ) to determine their compliance status.
Level 2 merchants are allowed to have an onsite assessment performed by a QSA or to complete an SAQ. However, Level 2 merchants choosing the SAQ option need to ensure that the individual completing the self-assessment questionnaire has been trained and is qualified as a PCI SSC ISA (Internal Security Assessor).
(For greater detail, see merchant levels for each card brand following this general guidelines section)
1 Stop PCI Scan is qualified to perform quarterly network scanning for all merchant levels across all payment brands.
VISA PCI Merchant Levels Defined
American Express PCI Merchant Levels Defined
Mastercard PCI Merchant Levels Defined
Discover PCI Merchant Levels Defined
For information about the JCB card brand and the JCB Data Security Program, please refer to compliance validation procedures at the following page: https://www.global.jcb/en/products/security/data-security-program/index.html.