PCI Compliance
Any business who accepts, transmits, or stores card data regardless of the size of the business is required to validate their PCI Compliance.
We Promise Top Security
Every effort will be made to optimize secure practices to protect your business. PCI compliance and validation is a critical component of securing your business and must be done to meet your obligations to Get Beyond, the card brands, and your own business.
For merchants to continue processing in the safest manner, merchants need to validate their PCI Compliance and provide Get Beyond their PCI Compliance validation.
Become compliant through our PCI Program
Already enrolled in a PCI Program?
What is PCI and How Does it Impact My Business
PCI is a mandatory security standard – the Payment Card Industry (PCI) Data Security Standard (DSS). The card brands require PCI compliance for all businesses who accept, transmit, or store card data regardless of the size of the business.
Since the beginning of the 2020 pandemic, cyberattacks against all businesses have seen a meteoric rise. Small-to-medium sized businesses are increasingly unable to hide from attackers and staying PCI compliant is more important than ever.
How to Validate your PCI Compliance
Self-Assessment Questionnaire
- SAQs are determined by the merchant’s payment environment and use of business
- SAQ answers expire after 1 year
- SAQ revalidation can be as easy as “nothing has changed”
Vulnerability Scans
- Required for all clients on an IP connection and most e-commerce clients
- Scans occurring on the processing IP address for the merchant’s equipment
- Scans, after attestation, are valid for 90 days
Attestation of Compliance
- Attestation is required at all levels of validation
- Once the SAQ is completed, the merchant will be prompted to attest to the results
- After each vulnerability scan, the merchant will be prompted to attest to the results
- Once the SAQ and scans are completed, the merchant will attest to their compliance
FAQs
Get Beyond has a PCI Program. Using Get Beyond’s PCI program is recommended but not required. Call Client Support to begin enrollment: 1-888-480-1571.
If a merchant chooses not to use Get Beyond’s program they must send in proof of compliance to PCICompliance@getbeyond.com with your Merchant ID number.
Examples of validation documents are as follows: Attestation of Compliance (AOC), Full SAQ, Vulnerability Scan results, Certificate of Compliance from an Approved Scanning Vendor (ASV). Please note that our team may have additional questions that the merchant will need to provide information/documentation for to ensure they have validated appropriately.
The safest equipment is not enough to guarantee data security. Merchant security policies and security habits along with the merchant’s software/ hardware solutions can also impact card data security.
Think about it this way: If card data is stored in a third-party application or a spreadsheet on a back-office computer, or even written on a sheet of paper, the data is still at risk even if the merchant is using secure equipment.
The PCI DSS Self-Assessment Questionnaires (SAQs) are validation tools for merchants and service providers that are eligible to evaluate and report their PCI DSS compliance via self-assessment. There are a number of different SAQs available that are intended meet the needs of particular types of environments.
PCI DSS is intended for all entities involved in payment processing, including merchants, regardless of their size or transaction volume. When compared with larger merchants, small merchants often have simpler environments, with limited amounts of cardholder data and fewer systems that need protecting, which can help reduce their PCI DSS compliance effort.
Need Help?
Our PCI Partner VikingCloud, formerly Sysnet, has the resources to assist you! If you require immediate assistance, please feel free to contact Support at 1888-543-4743. They are available from 8:30 AM – 8:00 PM Mon-Fri EST. They also have email support at support@complywithpci.com.
