

Learn about Payment Card Industry Data Security Standards (PCI DSS) and how to become compliant.


PCI compliance is required for every business accepting credit cards, regardless of your payment processing method. Feel free to contact us if you have additional questions or issues that are not addressed below.

What is PCI?

To whom does PCI apply?

Where can I find the PCI Data Security Standards (PCI DSS)?

What are the PCI compliance levels and how are they determined?

What does a small-to-medium sized business (Level 4 merchant) have to do in order to satisfy the PCI DSS requirements?

If I only accept credit cards over the phone, does PCI still apply to me?

My business has multiple locations. Is each location required to validate PCI compliance?

Are debit card transactions in scope for PCI?

Am I PCI compliant if I have an SSL certificate?

What are the penalties for noncompliance?

What is defined as ‘cardholder data’?

What is the definition of merchant?

If BluePay is PCI compliant, do I still need to be?

What constitutes a payment application?

What is a payment gateway?

How is an IP-based POS environment defined?

What is PA-DSS?

Can the full credit card number be printed on the consumer’s copy of the receipt?

Do I need vulnerability scanning to validate compliance?

What is a vulnerability scan?

How often do I need a vulnerability scan?

What if I refuse to cooperate?

If I’m running a business from my home, am I a serious target for hackers?

Are there state laws requiring affected parties to be notified about a data breach?