Q: What is PCI Compliance?
To ensure the security of debit and credit card payment systems, the major credit card brands initiated the Payment Card Industry (PCI) Council to oversee all Data Security Standards (DSS). PCI Compliance simply ensures that merchants secure all cardholder data and protect it from a security breach.
Q: To whom does PCI apply?
PCI applies to ALL organizations or merchants, regardless of size or number of transactions, that accept, transmit or store any cardholder data. Said another way, if any customer of that organization ever pays the merchant directly using a credit card or debit card, then the PCI DSS requirements apply.
Q: If I only accept credit cards over the phone, does PCI still apply to me?
Yes. All businesses that store, process or transmit payment cardholder data must be PCI Compliant.
Q: Where can I find the PCI Data Security Standards (PCI DSS)?
The Standard can be found on the PCI SSC's Website:
https://www.pcisecuritystandards.org/security_standards/pci_dss.shtml
Q: What are the PCI compliance deadlines?
All merchants that store, process or transmit cardholder data must be compliant now. However, as a Level 4 merchant, you will have to refer to your merchant bank for their specific validation requirements and deadlines. All deadline enforcement will come from your merchant bank. You may also find more information on Visa’s Website.
Q: How much does it cost to become PCI Compliant?
- Accepting payments through Mail/Telephone: $10/monthly per Merchant Identification Number
- Accepting payments through the Web: $10/monthly per Merchant Identification Number
- Accepting payments through a Terminal: $10/monthly per Merchant Identification Number
Q: How much does it cost if I am NOT PCI Compliant?
If you fail to become PCI compliant, your account will be charged a monthly non-compliance fee of $25 until compliance is validated.
Q: My business has multiple locations, is each location required to validate PCI Compliance?
If your business locations process under the same Tax ID, then typically you are only required to validate once annually for all locations and, if applicable, to submit quarterly passing network scans by a PCI SSC Approved Scanning Vendor (ASV).
Q: How do I know which Self-Assessment Questionnaire (SAQ) to take?
- SAQ-A “Mail/Telephone” – If you have a third party handling your payment system
- SAQ-B “In Person” – If you take payments through a Terminal or Imprint Machine; at least 80% of your business must be in person
- SAQ-C “Website” – If you take payments through your website via Shopping Cart or an Internet Application where customers enter their credit card information (Monthly computer scan required)
- SAQ-D “Multiple Ways” – If you do not qualify for A, B, or C
Q: What if I take payments via the Internet AND a stand-alone terminal?
First you must take the SAQ B for the Merchant Identification Number (MID) that goes with the stand-alone terminal, in addition to SAQ C for the website, along with a monthly computer scan for your internet account.
For a complete list of 'Frequently Asked PCI Compliance Questions' click here
For more information about PCI Security Standards and Becoming PCI Compliant please call us at 877-877-6511 or email us.