PCI compliance

We can help you understand how PCI compliance helps protect your customer payment card data, and how to get started.

  • What is PCI compliance?

    Payment Card Industry Data Security Standard (PCI-DSS) is the set of standards businesses follow to keep credit card data safe. The PCI Security Standards Council sets security standards and helps businesses understand what they need to do to be compliant. Security threats are constantly changing. By maintaining PCI compliance, businesses can focus on what they know best — their business.
  • Why is it important to my business?

    PCI compliance helps protect your business and customers from theft and fraud. Payment card brands like Visa, MasterCard, American Express, and Discover require PCI compliance every year. If your business accepts, stores, or transmits payment card data, you have to be PCI compliant.
  • Am I following security basics?

    Keeping basic security practices top of mind can help make becoming PCI compliant easier. Here are some general security questions to consider.

    • Are you securely storing customer credit card information in a locked file cabinet, desk drawer, or electronically?
    • Do you regularly review employee access to computers and accounts?
    • Is your internet connection secure?
    • Do you allow your employees and vendors to access your networks and systems remotely?
    • Has your company installed and maintained a firewall?
    • Are all the ways you accept payment secure, e.g. website, phone, virtual terminal?

    Our business tips can help you get a head start on PCI compliance, with helpful information and reminders for protecting your customers’ information.

  • What do I have to do?

    PCI compliance isn’t one-size-fits-all. Your specific requirements will vary depending on your business details. For example, the size of your business, whether you store payment card data, and whether you accept online or phone payments all play a role in determining what you have to do. If your business isn’t already PCI compliant, compare your business setup with our security basics to start getting closer to PCI compliance.
  • Compliance documents

    We provide our small business customers with the PCI compliant solutions they need to run their business.

    Intuit’s accounting offerings are PCI compliant and allow you to collect card payments from your customers. The links below give you access to our Attestations of Compliance and Attestations of Validation, so you can get the assurance you need, when you need it.

    QuickBooks Online Payments - PCI DSS

    QuickBooks Desktop - PCI PA-DSS

    QuickBooks Point of Sale - PCI PA-DSS

    What you as a merchant need to do

    As a small business, your customers trust you with their information. If you process card payments, you may also have requirements under PCI regulations. Click the links below to learn more about PCI.

    PCI Resources

    PCI Council

    PCI Council List of Validated Payment Applications

    VISA Global Registry of Service Providers