Important Terms:
PCI: Payment Card Industry is required by the card networks (Mastercard, Visa, etc.) to securely accept credit cards and affects anyone who transmits, stores, and makes use of cardholder data including merchants, service providers, and financial institutions.
PCI DSS: Payment Card Industry Data Security Standard is to ensure the secure handling and protection of customer credit card data, reducing the risk of data breaches and fraud
SAQ: Self-Assessment Questionnaire
AOC: Attestation of Compliance
Setting up the PCI Toolkit:
- You should have received an automated enrollment email from: do_not_reply@conformancetech.com.
- Within this enrollment email, you will be prompted to activate your PCI Account.
- This will require you to create a new password with your email being the username.
- If you are needing help getting logged in or have any questions you will need to contact support@pcitoolkit.com.
Important: The compliance questionnaire needs to be renewed annually to avoid the non-compliancy fee.
Strategic Workflow:
-
You will need to complete the Business Profile.
- This step will ensure that you will be provided with the correct Self Assessment Questionnaire (SAQ) type for your business. (This step will only need to be completed during the initial setup only)
-
If you are currently not PCI Compliant, you will need to complete the Questionnaire.
- The Questionnaire will ask you a series of questions related to your network, payment processing workflows and security. These questions will confirm that you are processing cardholder data securely.
- You will be prompted to attest to the results of the compliance questionnaire.
- You will achieve your Compliance certification.
Important Information:
- Program status, quarterly scans, and annual renewal of compliance will be completed through PCI Toolkit moving forward. Even if you are compliant please make sure set up your account as soon as possible to ensure you are aware of any upcoming requirements.
- PCI Platform fees of $5.95 will be assessed each month for access to the program and the associated resources, regardless of compliancy status.
-
You will use the PCI Toolkit portal to fill out the questionnaire and become compliant. If you are non-compliant, you will continue to be billed a monthly non-compliance fee until compliance is completed through the PCI Toolkit.
-
PCI Non-Compliance Fees of $59.95 will be assessed each month if you are non-compliant.
-
Risks of Non-Compliance include:
- Card fraud liability
- Significant chargeback risk
- Penalties, fines, and losses
- Lawsuits
- Inability to continue to process credit card payment
Learn more about PCI Compliance: