Resources

• Frequently Asked Questions
• Account Forms
  • Application Status
  • Forms & Agreements
  • Account Logins
• PCI & IRS Compliance
  • Compliance Overview
  • Our Compliance Solutions
  • FREE McAfee PCI Scans
  • IRS Compliance
• Supported Shopping Carts
• Gateway Documentation
• Credit Card Test Numbers
• Card Logos & Branding
• eBay Processing
• Free Payment Scripts
• Retail Terminals
  • Terminal Purchase
  • Terminal Leasing

Home / Resources / PCI & IRS Compliance / Compliance Overview

Compliance Overview

At MerchantPlus, we’ve always taken cardholder security very seriously and have offered PCI Compliance programs and solutions for over 2 years.  However, recent changes by the Card Associations (Visa, MasterCard, Discover, AMEX) have changed the reporting guidelines for merchant PCI-DSS compliance.  As such, there are some important steps you need to take in order to ensure you meet all the PCI-DSS requirements.  Remember, every merchant is required to be PCI-DSS compliance regardless of business type, size or processing methods.

To fulfill your obligation and be compliant, you are required to take a Self Assessment Questionnaire (SAQ) and undergo quarterly scanning services of your payment network.   MerchantPlus provides 2 options to become compliant:

1. You may leverage the PCI-DSS solution from your processor, iPayment.  This has an annual fee of $129/year but ensures that your processor will always have active, up-to-date reporting of your PCI-DSS status, helping to avoid an fines or fees associated with non-compliance. Click here for this option: iPayment Solution
2. You may utilize the free PCI-DSS scanning service provided by MerchantPlus in partnership with McAfee.  This service is free for the first year and then only $19/year after that.  The primary difference is that you must manually notify MerchantPlus of your compliance status each quarter.  If you do not update your compliance status with MerchantPlus, you will be assessed a $30/mo non-compliance fee. Click here for this option:McAfee Solution

It is our goal to ensure that you can quickly and easily obtain PCI-DSS compliance and we have provided 2 competitive options for your convenience.  As always, if you have any questions or concerns, please contact us immediately at 800-546-1997 or by emailing support@merchantplus.com.  Our representatives will help you decide on the proper method for your business and answer any PCI questions you may have.

Sample Self Assessment Questionnaires (SAQs)

If you choose the McAfee option for PCI-DSS compliance, we have created consolidated versions of the Self Assessment Questionnaires (SAQs) that you will be required to complete in Step 1 of the process. You will simply need to download the appropriate version of the SAQ below by clicking on one of the links below and complete the sections highlighted in RED.

After completion of the PCI process through McAfee, you will receive a PCI Compliance Report and a Security Report which you will need to send to us along with the SAQ to support@merchantplus.com .

SAQ Internet / MOTO (Version A) - “I am an eCommerce merchant or MOTO (entering into a virtual terminal) merchant and 100% of the processing, transmitting and storing of cardholder data is outsourced to a 3rd party company. For eCommerce merchants, this means that your checkout must also be provided by a 3rd party.”

SAQ Internet / MOTO (Version D) - “I am an eCommerce merchant that either stores, processes or transmits card holder data at some part of the transaction process.”

SAQ Retail (Version B) - “I am a Retail merchant that uses only standalone, dial-out terminals connected via a phone line, retain only paper reports or receipts and does not store cardholder data in electronic format.”