erica34
Level 1

SecurityMetrics Intuit Basic PCI Compliance

I just want to weigh in here because I am livid.

I have spent upwards of 3 hours on the phone trying to get an answer to this. The first two people I spoke with from QB told me that it was a phishing attempt and would not discuss PCI compliance. They insisted it was a scam. While I agreed that it indeed felt very scammy, it was consistent with what the QB website states, so I felt it was not likely to be a phishing email.

The next person I spoke with from Merchant Services told me verbally that I could ignore the emails, but I had nothing in writing to contradict QB's repeated claim that I'm not in compliance and therefore in breach of their TOS. She then told me that I could just upload my SAQ-A and AOC to a portal, and proceeded to send me the SecurityMetrics website. I explained that this was exactly what I was trying to avoid, and that it costs money. She insisted that it was free (it's not). And then said, "Well if you won't listen to me then I'll send you a different link" and that link is literally a "how to sign up for SecurityMetrics" tutorial! *head-exploding emoji*

Seeing no ability to get clarity through QB, I called the SecurityMetrics folks who assured me that a 3rd party certification was required (of course). They offered me a "very special discounted price of $85." I asked what the basic QB customer discount price was, and surprise! $85. I laughed indignantly, and they offered me $50 instead since I was such a nice lady (I was not).

I finally just relented and paid the $50 to just be done with it, but I'm regretting that now since I can't find anything in the actual TOS that says 3rd party verification/certification is required. It just lists out the explicit requirements, all of which I'm already meeting because I do all my CC transactions through QB Payments.

Also, for extra icky measure, the SecurityMetrics guy told me that he knew another woman with my name and she was also "quite spicy." I feel absolutely disgusted and gross. I'm debating trying to cancel the charge since they bald-faced lied to me about needing a 3rd party certification. 


Speaking of lying... the QB Payments landing page/marketing has this FAQ:

Q: Do I have to sign up separately to accept credit cards and bank transfers?

A: QuickBooks Payments requires application approval, but once you have an account, you don’t have to do anything else to take credit cards and bank transfers.

I added the emphasis, but this feels like false advertising if they truly are going to *force* you into paying a mandatory annual PCI compliance fee. I think a careful reading of the TOS shows that SecurityMetrics or any 3rd party fee is not actually required though. Simply doing business in alignment with the principles appears to be sufficient.  

NATSLLC
Level 2

Something tells me this is a complete scam. Caution. 

NATSLLC
Level 2

Second, who is responsible for writing these emails? They are doing an awful job. This should be extremely straightforward and someone should communicate it that way. Leave it to Intuit to write a very cryptic message about something you have to comply with and then give you no information.  Pathetic. 

Designva1
Level 2

Perhaps all of us disgruntled small business owners who feel that Intuit should be covering any PCI compliance matters should consider filing a class action lawsuit. 

SJ3351
Level 3

The email that you received from Security Metrics is deceiving. QuickBooks does not require you to purchase Security Metrics products, regardless of what Security Metrics says. I had a long discussion with a rep in the Payments department about this. We do not have access to our clients' payment options, we do not accept credit cards, so we do not need this at all. I contacted Security Metrics to opt out and the rep sent a low-key threatening email stating that they were going to report me to QB and insinuated that QB would fine our company for not purchasing their products.

SJ3351
Level 3

I've had conversations with 2 QB reps about this and was advised that PCI compliance is NOT required at this time and since we do not have access to our clients' credit cards or bank accounts that we do not need to be PCI compliant. I find it weird that Security Metrics are able to send out these emails almost threatening your clients that if they did not purchase SM products that QB would punish them by fining them.

This is not a good look for QB as there are definitely other options for accounting software.

SJ3351
Level 3

Hi, I am going to upload what I received from Security Metrics and what I received from QBooks. QBooks was very clear that this is not a requirement as of yet and since we do not have access to our clients' payment options we do not need this. Security Metrics, of course, says that it is a regulation.

[Re-attached screenshots with masked PII]

SJ3351
Level 3

[Re-attached screenshots with masked PII]

#2

SJ3351
Level 3

From QuickBooks

[Re-attached screenshots with masked PII]

SJ3351
Level 3

Neither does mine, but SM tells me that it is a requirement. QB says it's not and like you since we do not have access to our clients' payment options, we will not be purchasing any SM products. I will switch to a different accounting software before doing that.

SJ3351
Level 3

Same here. Below is what was sent to me by a QB Payments rep. See attached.

[Re-attached screenshots with masked PII]

birtaneedscoffee
Level 2

But Security Metrics told me one of the things they would do is to check my firewalls etc and that means I would give them access to my computer.  lol I don't even let my kids have access to my computer.  I 100% will not let a random person do it. That question in itself raised many red flags. 

TNT2023
Level 2

You do realize you’re not telling customers that they can be PCI compliant by completing other assessments. If you go to the security council’s website they have all of the necessary information.

After completing the worksheet on the security council’s website, I provided my completed information to Security Metrics proving I was PCI compliant and they stopped harassing me. I find your response very misleading and unprofessional. While I love Intuit products I’m tired of the price increases and the fact that Intuit doesn’t EVER offer a discount or refund when they make a horrible mistake. I have numerous support issues all acknowledged by Intuit and I will waste hours with support, follow up, yet it’s an engineering issue. Will I ever see a credit? No! I will just waste hours of my precious time that I could be spending on running my business. Intuit is buying too many products, increasing prices, forgetting about the accountant user, trying to get customers to go directly to them, and screwing up the products, and service in the meantime! Mistake after mistake! 

victor_sp
Level 2

Hi TNT2023, can you please tell me which specific worksheet you filled out on the Security Council website?  They seem to have quite a few forms under the "Document Library" area.

LBenware
Level 3

I just received a “final reminder” email today, saying that it is a requirement by the Intuit Terms of Service for my business to be PCI compliant. I received it because I use QuickBooks Payments. Guess I’ll be switching to a different software if they turn off my account 🤷🏻 Definitely not interested in giving their “partner” extra money on top of the monthly fee I already pay.

TNT2023
Level 2

Who sent you the email? Intuit or Security Metrics? I haven't received anything from Intuit stating I had to use Security Metrics to be PCI compliant. I am PCI compliant, but I don't use Security Metrics. They did hound me until I showed them proof I was compliant. Then they literally disappeared. While I'm very disappointed in Intuit at the moment from subscription transfer issues to QB checking envelopes for autopayroll that do not work as described all the time, I think Security Metrics has overstepped their boundaries unless Intuit has bought them out too and we now have to follow their rules. Until I see this, I'm listening to QB Payments rules and staying PCI compliant as I have been and will continue to do so. So I'm not leaving until they tell me to.

LBenware
Level 3

The email came from Intuit themselves. It doesn’t state I have to use Security Metrics necessarily. But is there a reason you yourself need to be PCI compliant? Do you store credit card info for your business?

2 Sharp Rob
Level 1

I'll not be paying any compliance fees. Especially since I have no control over any of it. I don't keep CC#s on file. Done everything else for compliance falls on Intuit. I've been through this junk before with other CC processors, which is why I went with Intuit to begin with. I'm not paying that. I'll stop taking CC altogether. No problem.

bestbookkeepernj
Level 1

What will happen to our payment account if the compliance is not completed?

LBenware
Level 3

I guess technically Intuit can disable you from being able to accept credit cards. But I’ll wait for that to happen before I pay anything.

JoesemM
Moderator

Hi there, @bestbookkeepernj, @LBenware. I'll share some details on what will happen if you fail to comply with PCI Compliance.

Given the increasing number of cybercriminals nowadays, data security is more important than ever. Any company or organization that handles cardholder data, whether to process, store or transmit, must meet PCI compliance requirements. It is a set of rules that businesses must abide by in order to take credit cards. Additionally, it will help you manage, process, and safely store delicate credit card data.

As a merchant, you’re responsible for protecting payment card information and meeting PCI compliance requirements. Failure to comply could mean costly fines and audit costs. And if the card gets stolen, it could mean even more costs and restrictions. You may also need to spend on card re-issuance, acquirer and legal fees, and more.

For complete details, see these articles:

Moreover, Intuit has partnered with Security Metrics to streamline the PCI compliance validation process. Security Metrics charges an annual fee to merchants who are validating compliance for Intuit.

Please leave a comment below, if you have any additional inquiries regarding PCI Compliance. I'd be happy to assist. Stay safe.

LBenware
Level 3

Right, and that’s why I pay Intuit a nice monthly fee to take care of that for me. They store the credit card, they see the info. I have nothing to do with it, and do not see nor store any data.

bestbookkeepernj
Level 1

Will the account shut down if the compliance is not done? When is the deadline?

CharleneMaeF
QuickBooks Team

I'm here to share additional details about PCI Compliance, bestbookkeepernj.

The process of becoming PCI-compliant doesn't have a specific deadline. It is an ongoing process that involves submitting Self-Assessment Questionnaires (SAQ) and passing the necessary scans on an annual basis. Hence, there's no recent update indicating that your account will be shut down for non-compliance.

However, please keep in mind that failing to achieve PCI compliance leaves your business vulnerable to costly attacks and data breaches. If this occurs while not being compliant, your business may face penalties and fines.

For more details about this, I recommend browsing these resources:

Additionally, I've added these articles that'll help you protect your business account and data from fraudulent activities:

Please keep us posted if you have any further questions or concerns about PCI and being compliant. It's our priority to ensure your data is protected.

marcycpa
Level 3

I don't see where your question was even answered... "will they shut the account down?"
