Do I need to be PCI Compliant if the only credit card transactions are through Intuit Merchant Services ?

BBPC2 · ‎September 18, 2024

I received an email from a Security Company telling me I need to be PCI compliant due to a Law from 2006. Is this a scam? I do not handle any credit card transactions with clients. My only credit card business is by E-Invoice through Intuit Quickbooks online merchant account. I don't ever receive any customer card number and my website is for information only and customers can't order through my site. Do I need to be PCI compliant.

Jim. (BBPC2)

Irene R · ‎September 18, 2024

Welcome to the Community, BBPC.

I understand how alarming it is to receive an email from a security company regarding a PCI Complaint. Please know that Intuit QuickBooks Payments has partnered with a PCI compliance vendor to help our customers achieve PCI compliance.

Therefore, emails are generated by our system and sent out to our merchants to inform them about the partnership. If you're already PCI compliant with a different PCI, kindly disregard the email.

Furthermore, all merchants should be PCI compliant for as long as their account is active and they are processing online payments as part of the Merchant user license agreement.

These helpful materials can give more information regarding the PCI compliance of Intuit:

Let me know if you have additional concerns with the PCI Compliance or any QBO-related inquiry, BBPC. You can reach out to the Community at any time. Take care!

Kristen39 · ‎December 27, 2024

I received the email from security metrics that I need to be PCI complaint and called to speak with them. Hearing them say it’s $10k per occurrence if there’s a credit card breach was unnerving, especially since I’ve only sent 1 invoice using QuickBooks this year and the customer paid on their end by credit card through QuickBooks. I believe I’ve now turned off the options to accept credit cards when sending out invoices, so do I still need the PCI compliance insurance? I only take credit cards at vendor shows through a different merchant which is already PCI compliant. I’m still pretty new to QB. Thank you.

Anonymous · ‎December 27, 2024

Hi there, @Kristen39.

Welcome to the Community and thank you for using QuickBooks Online (QBO). I've got you some details about QuickBooks Payment Card Industry Data Security Standard (PCI DSS) compliance in QuickBooks.

Consumers with active payment accounts are required to comply with PCI DSS compliance. This is a global card brand requirement to protect customers and their businesses from cardholder data breaches.

Any business or service provider that stores, processes, or transmits payment card data must follow the data standard, regardless of its size or the number of annual payment card transactions.

As long as you process or take payments from your customers with QuickBooks Payments, you’re required to comply with Intuit's security measures.

You might find these articles helpful to learn more about PCI DSS Compliance Services:

If you have additional queries regarding PCI DSS, @Kristen39, please do not hesitate to leave a comment below. I am always at your service to assist. Stay well!

Topics

Training

Community

Resources

Do I need to be PCI Compliant if the only credit card transactions are through Intuit Merchant Services ?