Where can I send proof of PCI compliance? We have this through our insurance.

I recognize you are asking for guidance with PCI compliance in QuickBooks Online. I'll lay out some insights into this matter.

PCI compliance is required for QuickBooks Online. To accept credit cards as a merchant, you must have payment security throughout your local environment. It is a set of guidelines that merchants must follow to accept payment cards. To send PCI compliance proof, we must first determine your PCI compliance requirements. Simply follow the steps outlined below:

1. Sign in to your SecurityMetrics account.
2. Tap Sign Up, then fill out all the fields in the Create Account page.
   
3. Click Create Account, then follow the Intuit FastPass to determine your PCI compliance requirements.
4. Press Next then select a security package that best fits your business.

You can check out this article for more details about PCI DSS Compliance Services: Learn about the PCI DSS Compliance Services. If you need to contact our support agent about this process, just go to the article I've provided and look for the phone number. You can also contact our QuickBooks Payment Support Team. They can provide further details about the PCI compliance service and how it works. They'll also check your subscription for any add-on PCI Service fee.

I'm adding this article to see what are the 12 requirements that cover the PCI standard: Learn about QuickBooks PCI Service.

Should you have any questions about PCI Compliance, or anything else, you can always find me here. You have a good one.

@ckmintegrity   The steps provided by RCV  are to sign up and be charged by Security Metrics.  

You already have your compliance, therefore, not needing to pay AGAIN for it, which is what Intuit/ QB wants you to do. 

You could always call Security Metrics and talk to them about it all. They would be better capable of answering your questions, rather than taking the advice of someone (Intuit/ QB Employee) that didn't properly answer your question in the first place.  

Why is QuickBooks requiring customers to become "PCI compliant" or prove that they are when QuickBooks is the one handling card and payment data?

I have a QuickBooks merchant account and I do not receive the credit card data from my customers; QuickBooks does this on my behalf (the whole point).  I'm not handling customer payment data. QuickBooks is.

This seems like a racket.

Hi FoodPro,

The PCI Compliance is required to all Merchant that accepts credit card and debit card payments. This is indicated in the Merchant Agreement, specifically in the Data Security (PCI Compliance); Payor/Cardholder Personal Information section. 

As for your question, there are certain requirements to follow based on how you process credit card payments, which are stated in the Self-Assessment Questionnaires (SAQ). Please check this article: Learn about QuickBooks PCI Service. Then, scroll down to the table section.

You can also contact PCI compliance if you have further questions on the assessment. Refer to this article: Learn about the PCI DSS Compliance Services. Then, go to the Who can I contact if I have questions regarding my SAQ or questionnaire? Section.

If you have other questions, feel free go go back to this thread.

Where should we send the certificate attesting to our compliance?

Hello FredV3,

Thank you for chiming in. I recommend following the steps my colleague mentioned above and contacting the PCI team for assistance with this particular question.

If you have any concerns, feel free to let us know below! My team and I will do our best to help. Take care.