Skip to main content
Become PCI Compliant

PCI compliance is an important piece of keeping your customers data secure. It can also save you from any non-compliant fees.

Shaney Thrasher avatar
Written by Shaney Thrasher
Updated over a week ago

Overview

What is PCI?
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure environment.

To get to your PCI compliance Portal, supported by Secure Trust:

  1. Login to your Cardpointe Merchant Portal

  2. Using your navigation bar at the top, select My Account

    image-20220913-195430.png

On the account sub tab, find and select the Not Compliant hyperlink to open the Secure Trust Portal.

image-20220913-134246.png


Creating Your Business Profile

  • Before you are able to review your secure trust portal, and complete your Compliance Survey, you'll need to create your business profile.

  • Please enter your Contact Email, Contact Name, Mobile Number and select your Language Preference. If you wish, you can also add an additional contact email.

  • Once all items are entered, select Next.

Business Profile.png

  • On the following page, select Start Business Profile

image-20220913-200230.png

  • On the Before You Begin page, select Next to continue

before you begin.png

  • On the Pick an Assessment Method page, choose Expert

  • Then select Next to continue

pick an assessment method.png

  • On the following page, please select No for both questions to be sorted into the correct Survey type.

  • Then select Next to continue

service providers.png

  • For Password Policy select Yes

  • Then select Next to continue

image-20240412-190657.png
  • It will then ask about Third Party Managed System Service Providers

  • You will select No for both of these

image-20240412-190818.png

image-20240412-190942.png

On the A summary of how and where you handle card payments, please answer these questions per your business type.

  • The first question should be answered with your type of Retail location. For example, Salon, Spa, Grooming Salon, Recreation Facility, Veterinary Clinic or Tattoo Salon.

  • For the Second question, enter your type of Card Processing Device. For example, Clover Flex or Clover Mini.

  • The Last question should be answered with what industry you are in. Common examples are Spa, Vet, Pet, Salon, Recreation, Tattoo etc.

summary.png

summary 2.png



Completing Your PCI Questionnaire

Failure to complete your PCI Compliance within 60 days of your account being approved will result in an additional fee placed on your merchant statement.

After completing these questions, you will be taken to your Secure Trust Portal.

  • Under ‘Your Business Profile’ make sure that SAQ type P2PE is displayed.

  • Once you have confirmed the correct SAQ type has been selected, click Begin Step under the Complete your Security Assessment section.

dashboard.png

If the SAQ type is not P2PE, select manage, Re-profile, and follow the steps above (under Creating Your Business Profile) to resort your business type to the correct SAQ.

After selecting Begin Step, you will be taken to your Compliance Survey.

  • Depending on your industry, there will be approximately 15-25 Questions.

  • As you complete questions, they will clear from the form. Your section progress is located on the right of the screen.

  • You may see a question that asks you to fill in the “Completion Date”. For your first time completing PCI compliance, please make sure to fill in the current date. Then answer any remaining questions.

  • Please note, to become compliant you will need to answer Yes to each question.

31a.png

last comnpletion.png

The Final step is to Confirm Your Compliance.

  • Under Your Organization Information Details enter your Title. Typical answers are Owner, Manager, or Co-Owner.

    confirm compliance org details.png

  • Under the section Merchant Executive Officer, again enter your Title and name.

    image-20220913-210445.png

  • Lastly, under Information for Submission select Confirm your Attestation

attest.png

Once confirmed you will then be taken back to the main menu where you will see “You’re Compliant”.

You can download the Attestation of Compliance(AOC) document by clicking on DOWNLOAD AOC from the dashboard once PCI compliance has been completed.

confirmed.png

Congratulations your survey is complete! Please see below for important FAQs.




FAQS

Q. How Often does the PCI survey need to be completed?
A. Your PCI compliance is applicable for a full calendar year from the date of completion (Ex. if completion date is 1/1/2024, it will expire 1/1/2025 and will need to be resubmitted.

Q. How can I receive a notification when I need to become compliant again?
A. You can select to receive an email when you become Non-Compliant again from your notification configuration under your Dashboard. For additional support, check out this article.

Q. My SAQ type isn’t P2PE, what should I do?
A. To resort your business profile into the right SAQ, select the manage button on your business profile section. Follow the guide above, making sure your correct industry and device type have been entered. If you are still sorted incorrectly, please give our support team a call.

Q. What happens if I do not complete my PCI Compliance?
A. Failure to complete your PCI Compliance within 60 days of your account being approved will result in an additional fee placed on your merchant statement. Please note, refunds for these fees are typically unable to be provided. As always, contact support if you have any issue at all completing your PCI compliance.

Did this answer your question?