April 16, 2024
Payments 101
Chances are you’ve heard about PCI Compliance—and if you haven’t, you’re certainly aware of criminals targeting businesses to steal sensitive credit card data. Safeguarding your business and your valued customers from this kind of fraud is critical, but many merchants aren’t entirely sure what to do.
For this article, we spoke to EPI’s PCI DSS Merchant Compliance Program Administrator, Susan Shapira, to break down what you need to know about PCI Compliance and how to protect both your business and your customers.
PCI (Payment Card Industry) Compliance is a set of requirements intended to ensure all businesses that process, store, or transmit credit card information maintain a secure data environment.
Being PCI compliant means consistently adhering to a set of guidelines set forth by the Payment Card Industry Security Standards Council® (PCI SSC), an organization formed in 2006 for the purpose of maintaining credit card security.
The Payment Card Industry Data Security Standard (PCI DSS) is the series of regulations and protocols businesses must follow to stay compliant and help prevent fraudulent transactions and data breaches.
While PCI DSS is not a U.S. law, all major credit card brands and banks that process payments require compliance. For many merchants, PCI Compliance is also part of their contractual relationship with credit card brands.
Compliance standards exist to prevent data breaches. If you aren’t following the requirements, your business is much more vulnerable to data breaches, fraudulent activity, and chargebacks. The long-term consequences of these can be serious and detrimental to your business.
If a data breach occurs and you’re not PCI compliant, you could experience some or all of the following:
“Most equipment that is deployed today is PCI DSS compliant, so understanding the importance of securely accepting credit cards is the most critical action for merchants,” says Shapira. “Education is the best tool we have to ensure that our merchants understand and maintain their PCI DSS Compliance.”
EPI’s Compliance Program offers the following advice for staying compliant:
The PCI Self-Assessment Questionnaire (SAQ) is a merchant’s documented statement of compliance with PCI security standard requirements. An SAQ is a way to demonstrate that, as a merchant, you have security measures in place to keep cardholders’ sensitive data secure at your place of business.
SAQs vary according to business type (PCI level) and the processing equipment you use. While your merchant services provider can help you determine which type of questionnaire is required and assist you in completing it, we’ve outlined the basic requirements below.
The specific technology you use to process payments will determine the exact version of the assessment that applies to you:
There are four PCI Compliance levels for businesses based on payment card transaction volumes over a 12-month period. EPI merchants nearly always fall into PCI Levels 3 and 4 (with 4 being the most common).
Our free SAQ Wizard makes compliance easy:
“If you don’t have a full understanding of how you’re accepting credit cards currently, some of the questions in the SAQ may be hard to answer,” says Shapira. “If you need help, just call us! We regularly work with merchants to understand how they need to accept and protect their cardholder information.”
“Recently, we had a merchant that received a Common Point of Purchase violation from Visa,” says Shapira. “He was overwhelmed and not sure how to proceed. We explained the process, enrolled him with a 3rd party ASV, and I worked with him to set up the vulnerability scan, which he passed. We worked with him and his IT person to complete the AOC and his Visa Incident Report and sent all documentation to Visa. For the merchant, the situation went from overwhelming to easy.”
PCI compliance is important, but it isn’t stressful with the right support. Here’s how EPI helps with compliance:
Ready to get started? Stop by our PCI Compliance site to access resources, including the free SAQ Wizard.