IN BRIEF
Payment Card Industry (PCI) compliance helps businesses protect credit card information and reduce the risk of payment data breaches. Any business that handles, processes, or stores credit cards must follow PCI requirements, regardless of business size or processing volume. iClassPro Payment Services securely processes and stores card data as a Level 1 PCI Compliant Service Provider. However, each merchant must also complete the appropriate annual Self-Assessment Questionnaire (SAQ) to meet their own PCI Data Security Standard (PCI DSS) responsibilities.
- Overview
- Accessing PCI Compliance Resources
- Step-by-Step Instructions
- Troubleshooting & FAQs
- Related Articles
Overview
Payment Card Industry (PCI) compliance refers to a set of industry-mandated security requirements that apply to any business that handles, processes, or stores credit cards.
These requirements apply regardless of:
- Business size
- Processing volume
- Number of credit card transactions
- Whether card data is handled directly or through a service provider
The PCI Security Standards Council was founded by major card brands, including:
- Visa
- MasterCard
- Discover
- American Express
The council created technical requirements focused on data security and the protection of cardholder information.
PCI compliance is important because many payment card compromises occur when required PCI DSS controls are either missing or poorly implemented. When a security breach results in compromised payment card data, the affected organization may face serious consequences.
These consequences may include:
- Regulatory notification requirements
- Loss of reputation
- Loss of customers
- Potential financial liabilities, such as regulatory fees, other fees, and fines
- Litigation
Accessing PCI Compliance Resources
Merchants can access PCI compliance resources through the official PCI Security Standards Council website.
- Go to the PCI Security Standards Council website: www.pcisecuritystandards.org.
- Review the available PCI DSS guidance and Self-Assessment Questionnaire (SAQ) resources.
- Use the SAQ instructions to determine which annual questionnaire applies to your business.
- Complete the appropriate SAQ according to PCI DSS requirements.
For more information about SAQ forms, visit the PCI Merchant Resources page: https://www.pcisecuritystandards.org/merchants/.
Step-by-Step Instructions
Use the following steps to review your PCI compliance responsibilities.
- Confirm that your business accepts, handles, processes, or stores credit cards.
- Review the PCI DSS requirements that apply to merchants.
- Visit the PCI Security Standards Council website at www.pcisecuritystandards.org.
- Locate the Self-Assessment Questionnaire (SAQ) resources.
- Determine which SAQ applies to your business.
- Complete the appropriate annual SAQ.
- Retain any required documentation for your records.
- Contact the iClassPro Payments team at Payments@iClassPro.com with additional questions about PCI compliance.
Additional Details
Although iClassPro securely processes and stores card data for merchants, merchants must still meet their own PCI DSS compliance requirements. iClassPro’s compliance as a service provider does not remove the merchant’s responsibility to complete the correct annual SAQ.
PCI Compliance Requirements
PCI DSS includes several core security requirement areas designed to help protect cardholder data.
- Build and maintain a secure network: Use secure systems and network protections to help prevent unauthorized access to payment card data.
- Protect cardholder data: Safeguard stored cardholder data and secure cardholder data when it is transmitted.
- Maintain a vulnerability management program: Use security practices that help identify, reduce, and manage vulnerabilities.
- Implement strong access control measures: Limit access to cardholder data to only those who need it.
- Regularly monitor and test networks: Monitor systems and test security controls to help identify potential issues.
- Maintain an information security policy: Keep documented security policies that support ongoing PCI DSS compliance.
iClassPro PCI Compliance
iClassPro recognizes the importance of data security for merchants and their customers. In accordance with PCI DSS, iClassPro Payment Services is a Level 1 PCI Compliant Service Provider.
Merchant PCI Compliance Responsibilities
As a merchant, you must also remain compliant with PCI DSS. Each merchant is responsible for completing the correct annual Self-Assessment Questionnaire (SAQ), which is available from the PCI Security Standards Council.
Troubleshooting & FAQs
- What is PCI compliance?
  - PCI compliance refers to industry-mandated security requirements that apply to businesses that handle, process, or store credit cards. These requirements help protect payment card data.
- Does PCI compliance apply to small businesses?
  - Yes. PCI requirements apply to any business that handles, processes, or stores credit cards, regardless of business size or processing volume.
- Is iClassPro PCI compliant?
  - Yes. iClassPro Payment Services is a Level 1 PCI Compliant Service Provider in accordance with PCI DSS.
- If iClassPro is PCI compliant, do I still need to complete an SAQ?
  - Yes. Although iClassPro securely processes and stores card data, each merchant is still responsible for completing the correct annual Self-Assessment Questionnaire (SAQ).
- Who should I contact if I have questions about PCI compliance?
  - Contact the iClassPro Payments team at Payments@iClassPro.com with additional questions about PCI compliance.