
Accepting card payments can be a risky business, and fraudsters are always looking for ways to steal cardholder data. You may not know it, but it’s your responsibility to safeguard your customers’ financial information by becoming ‘PCI compliant’.

The Payment Card Industry Data Security Standard (PCI DSS)

The Payment Card Industry Data Security Standard (PCI DSS) is the global standard for handling card data. All businesses accepting card payments are required to follow these standards to become officially ‘PCI compliant’.

Why is PCI compliance important?

When you accept a card payment, you and your customer are sharing sensitive financial information. By becoming PCI compliant, you can formally demonstrate that you’re handling and managing customer data as securely as possible. This means that in the event of a security breach, you can prove that you have taken precautions to prevent fraud, and ultimately reduce your risk of being fined.   

 

How to become PCI compliant (PCI Portal) 

To manage your PCI compliance with Paymentsense, you’ll need to log in to the PCI Portal.

How to log in to the PCI Portal

When you sign up with us, you’ll receive a username and password via email. If you can’t remember these, go to the portal page to reset them, or contact us if your account is locked.

Upgrade to our PCI phone validation service

Our PCI Phone Validation Service is the quickest and easiest way to ensure you are PCI compliant for a year. For a small monthly fee, our team of specialists can guide you through the whole process over the phone, so you can get things right the first time. 

Our team of PCI specialists are waiting to help on 01 696 8393

How to become PCI compliant for the first time 

  1. Log in to the PCI Portal, select ‘Manage’ under ‘Your Business Profile’ and answer the questions in that section.
  2. Once complete, your PCI status will either show as compliant or you will be prompted to complete a Self Assessment Questionnaire or Vulnerability scan.
  3. The Self Assessment can range between 14 and 300 questions, depending on the type of company and payment method used. We recommend completing it at your place of business so you have access to the information you need.
  4. Once successfully completed, you’ll see a message in the portal showing your compliance status.

Transferring your PCI compliance from another provider

  1. Download your PCI compliance certificate from your previous payments provider.
  2. Log in to the PCI Portal, and select ‘Manage’ in the Business Profile section.
  3. Select the option in the first question to indicate that you have an existing valid Self Assessment Questionnaire or ‘Attestation of Compliance’ from an external programme.
  4. Choose the corresponding PCI Compliance assessment type from the list.
  5. Select ‘Begin step’ to upload your certificate, and then indicate the validation effective date and PCI DSS version from the dropdown menus. 
  6. Read and tick the acknowledgements, and then ‘Attest’.
  7. You will automatically become compliant, with the status and expiry date shown. 

How to complete your yearly PCI compliance update 

  1. Each year you will get an email when it’s time to re-confirm your PCI compliance. 
  2. Log in to the PCI Portal, select ‘Re-profile’ under ‘Business Profile’ and answer the questions in that section.
  3. Once complete, your PCI status will either show as compliant or you will be prompted to complete a Self Assessment Questionnaire or Vulnerability scan.
  4. The Self Assessment can range between 14 and 300 questions, depending on the type of company and payment method used. We recommend completing it at your place of business so you have access to the information you need.
  5. Once successfully completed, you’ll see a message in the portal showing your compliance status.

 

How to complete a PCI vulnerability scan

What is a vulnerability scan?

PCI security scans are needed to ensure your business network is safe and secure. The PCI Security Standards Council (SSC) requires regular scans to help merchants spot security vulnerabilities within their business network and applications.

A vulnerability scan is an automated tool that checks for vulnerabilities in your operating systems, services and devices that could be used by hackers to target your business' private network.

How do I complete a scan?

The scan is conducted in our PCI Portal and remotely reviews networks and web applications based on your external-facing Internet Protocol (IP) address. You can find your business IP address by typing “What's my IP address?” into your search engine.

As the scan is provided by an Approved Scanning Vendor (ASV), it does not require you to install any software.

If you require a scan, we’ll remind you with an email and a link to the PCI Portal, and guide you through the necessary steps.

 

Industry links 

For more information about PCI DSS visit: