CardConnect PCI Compliance
Written by Angel Horowitz
Updated over a week ago

The Payment Card Industry Data Security Standard (PCI DSS) is managed by the PCI Security Standards Council (PCI SSC). Founded in 2006 by the five biggest credit card providers: MasterCard, Visa, Discover, Amex and JCB International, the Council ensures that merchants (sellers and organizations) meet the required levels of security when they store, process and transmit cardholder data.

Being PCI compliant is not a requirement by law. However, it is highly advisable that merchants who accept card payments follow the regulations set by the PCI SSC to avoid any potential data infringement and to avoid hefty non-compliance fees. The requirements for becoming PCI compliant are relative to how your company operates.

Each level will require merchants to complete the relevant PCI DSS Self Assessment Questionnaire (SAQ), provide evidence that the merchant has completed and passed a vulnerability scan with a PCI SSC Approved Scanning Vendor (ASV), and complete and submit the Attestation of Compliance (AOC) to your acquirer.

For more information, you can reach our payment support at [email protected] or call them directly at +1 (800) 982-6419.

To get to your PCI compliance Portal, supported by Secure Trust:

  1. Log in to your Cardpointe Merchant Portal at Cardpointe.com

  2. Using your navigation bar at the top, select My Account

  3. On the account sub tab, find and select the Not Compliant hyperlink to open the Secure Trust Portal.

Need help accessing your Merchant Portal? Click here!

Creating your Business Profile

  • Before you can review your Secure Trust Portal and complete your Compliance Survey, you'll need to create your business profile.

  • Please enter your Contact Email, Contact Name, Mobile Number and select your Language Preference. If you wish, you can also add an additional contact email.

  • Once all items are entered, select Next.

  • On the following page, select Start Business Profile

  • On the Before You Begin page, select Next to continue

  • On the Pick an Assessment Method page, choose Expert

  • Then select Next to continue

  • On the following page, please select No for both questions to be sorted into the correct Survey type.

  • Then select Next to continue

    On the A summary of how and where you handle card payments page, please answer these questions per your business type.

  • The first question should be answered with your type of Retail location. For example, Salon, Spa, Grooming Salon, Recreation Facility, Veterinary Clinic or Tattoo Salon.

  • For the Second, enter your type of Card Processing Device. For example, Clover Flex or Clover Mini.

  • The Last question should be answered with what industry you are in. Common examples are Spa, Vet, Pet, Salon, Recreation, Tattoo etc.

Completing your PCI Questionnaire

Failure to complete your PCI Compliance within 60 days of your account being approved will result in an additional fee placed on your merchant statement.

After completing these questions, you will be taken to your Secure Trust Portal.

  • Under ‘Your Business Profile’ make sure that SAQ type P2PE is displayed.

  • Once you have confirmed the correct SAQ type has been selected, click Begin Step under the Complete your Security Assessment section.

If the SAQ type is not P2PE, select Manage and follow the steps above to re-sort your business type to the correct SAQ.

After selecting Begin Step, you will be taken to your Compliance Survey.

  • Depending on your industry, there will be approximately 25-30 questions.

  • As you complete questions, they will clear from the form. Your section progress is located on the right of the screen.

  • You may see a question that asks you to fill in the “Completion Date”. For your first time completing PCI compliance, please make sure to fill in the current date. Then answer any remaining questions.

  • Please note, to become compliant you will need to answer Yes to each question.


    The final step is to Confirm Your Compliance.

  • Under Your Organization Information Details enter your Title. Typical answers are Owner, Manager, or Co-Owner.

  • Under the section Merchant Executive Officer, again enter your Title.

  • Lastly, under Information for Submission select Confirm your Attestation

You do not need to enter telephone number, email or business address in this section.

Once confirmed, you will be taken back to the main menu, where you will see “You’re Compliant”.

Congratulations! Your Compliance Survey is Complete!

FAQs

Q. How often does the PCI survey need to be completed?
A. Your PCI compliance is good for a full calendar year from the date of completion.

Q. How can I receive a notification when I need to become compliant again?
A. You can select to receive an email when you become Non-Compliant again from your notification configuration under your Dashboard. For additional support, check out this article.

Q. My SAQ type isn’t P2PE, what should I do?
A. To re-sort your business profile into the right SAQ, select the Manage button on your business profile section. Follow the guide above, making sure your correct industry and device type have been entered. If you are still sorted incorrectly, please give our support team a call.

Q. What happens if I do not complete my PCI Compliance?
A. Failure to complete your PCI Compliance within 60 days of your account being approved will result in an additional fee placed on your merchant statement. Please note, refunds for these fees are typically unable to be provided. As always, contact support if you have any issue at all completing your PCI compliance.
