Do Canadian sole proprietorships who only accept credit card payments via QBO have to be PCI compliant (2022)?

Hi Lwitty,

Welcome back to the Community. QuickBooks is a powerful program that helps you manage your work with peace of mind. I'll be happy to share more info so you're on the right track with your work.

QuickBooks allows you to set up online payments and it's important you adhere to the terms and conditions of our merchant services. It's important you stay PCI compliant regardless the business type. I encourage you to learn more about setting up online payments using this link. 

Let me know if this helps. I'll be here in case you need additional support. 

Hello.  I have a few clients who pay via credit card, all payments done via Quickbooks invoices.  I never see any credit card information.  Since Quickbooks is PCI compliant, why do I also need to pay a yearly fee for PCI compliance?  I never see or store any credit card data.

Good afternoon, Lwitty.

It's a pleasure to see you back in the Community! I'd be happy to point you in the right direction.

In order to get a better understanding about PCI Compliance, I recommend taking a look at this article as it has a list of the FAQs about PCI Compliance, including "Isn't Intuit PCI Compliant Already?".

Feel free to reach back out here with any other questions you may have.

Good day,

I had the same question and frustration, as SecurityMetrics is notorious for being hard to deal with and I did not want to deal with them at all, if it was not necessary, especially pay them any money!

I looked all over the internet, called PCI Compliance firms in Canada and reached out to Quickbooks directly and finally received an official response from Quickbooks. To verify what I was sent, I even called a couple times and spoke with different customer service representatives.

I also blocked SecurityMetrics from being able to send me emails after I received the official response, as I sent SecurityMetrics the email below and they still kept trying to get in contact with me and completely ignored the email, even though PCI Compliance through Quickbooks is not required for Canadian customers.

Don't misunderstand me, as I believe in PCI Compliance and following all recommended security measures are necessary, but there are better companies to deal with than SecurityMetrics.

One major question remains, why has Quickbooks not sent an email to Canadian customers, letting them know about this?

Here is the email I received directly from Quickbooks Support Canada:

~~~
Feb 16, 2024 (12:10 PM)

Hello Adaptive IT Solutions,

Here is a statement copy of the article I found stating that this is only for US customers:

Email sent in error, PLEASE DISREGARD: Important Information about PCI Compliance

Earlier this week an email was inadvertently sent to approximately 8000 Canadian customers across US & CA that was intended only for US customers. The email titled:

Action Needed PCI Compliance Notification - Intuit Quickbooks and coming from securitymetrics.com email extensions encourages customers to become PCI complaint using their company website.

The email is not spam, but is not applicable to Canadian users.

Need additional support, we're here for you! Simply log into your QBO account, click the Help icon in the top right, then click Contact Us at the bottom, explain ‘How can we help, then choose if you would like to message us, or receive a callback. Or you can reach out to us 1-855-253-1536.

Thank you again for contacting us, and have a great week!

Best regards;
Kallie
Technical Support | Intuit QuickBooks Online

Privacy Statement. Security;.
© 2021 Intuit Inc., Trademarks;.
8 Spadina Ave. Suite 1900, Toronto, Ontario, Canada M5V 0S8
~~~

Hi adaptivesolutions. Thanks for contacting us here. I've read what you've written above and I see what you're seeing. I'm here to help steer you in the right direction so you can reach your QuickBooks goals. Feel free to ask questions.