Expiry of QuickBooks' PA-DSS validation means their current certification for securely processing cardholder data expired on July 31, 2024, as shown on VISA site.

QuickBooks is indeed PCI compliant, which is essential for businesses that process credit card transactions, soundbrick. Understanding this adherence can be complex, so let's clarify the situation regarding QuickBooks and its PCI compliance requirements.

Intuit's accounting services are in compliance with PCI policies and enable you to accept credit card payments from your clients. Intuit has teamed up with SecurityMetrics, a leader in PCI compliance, to help you meet PCI requirements. In this case, I encourage you to keep in touch with the SecurityMetrics support representatives for the latest compliance information and evolving regulations. By contacting them directly, you'll have access to the most current and comprehensive information available. They can offer detailed explanations of compliance requirements, help you understand any recent updates that might affect your business, and provide guidance on best practices for maintaining compliance. 

Finally, I want to ensure your peace of mind. In line with this, I encourage you to browse through these resources so you can have the information about PCI Security Standards:

• Learn about QuickBooks PCI Compliance
• Learn about the PCI DSS Compliance Services

Understanding whether your business needs to comply depends on how you interact with credit card information through QuickBooks, soundbrick. If you have further questions or concerns about navigating these requirements or verifying your compliance status, share them in the comments section below. I'll be around to offer assistance. Keep safe

The document you provided is an SAQ, dated 2020 (please see page 11).

The other links are outdated. I am asking for current verification.

You asked me to review QuickBooks compliance on the PCI website however they stopped logging compliance in 2022, and direct searches to be done on payment application banking websites. For QuickBooks, this is VISA.

VISA shows an expiration of compliance as of 31-July-2024.

Can you please provide current, to-date, verification of QuickBook's PCI compliance?

Here's a screen-snip from the visa site, showing expired compliance.

I'll point you in the right direction so you can get the current verification of QuickBooks Online's (QBO) PCI compliance, soundbrickworks.

Yes. Intuit and our products, including QBO, are listed as compliant on the PCI Security Standards Council website. However, I recommend contacting the SecurityMetrics support team to obtain the most accurate and up-to-date information regarding QBO's PCI compliance. They specialize in this area and are well-versed in the latest standards and requirements.

Additionally, I’ve included some helpful articles to assist you in protecting your business account and data from fraud:

• Data Security and Fraud Prevention
• Identify Suspicious Activity, Phishing Scams, and Potential Fraud

The Community team is always around to offer additional assistance with PCI compliance concerns. Just leave a reply below, and we'll chime into this thread to continue helping. Stay safe.

At first I thought the "QB Team" were being obtuse, but I'd guess they're just as confused as we are. Well, almost.

This is from the PCI SSC website:

PA-DSS Validation and Listing Program is now CLOSED

On 28 October 2022, the PCI Security Standards Council (PCI SSC) formally retired its Payment Application Data Security Standard (PA-DSS) and closed the associated PA-DSS validation and listing program. All prior entries on the PCI SSC’s List of Validated Payment Applications have been moved to the “Acceptable Only for Pre-Existing Deployments” list and are considered expired for PA-DSS program purposes.

Entities wishing to continue using these payment applications for the purposes of meeting compliance requirements should contact the Payment Card Brands directly to determine how the continued use of such payment applications may impact the entity’s compliance with the individual brands’ PCI DSS compliance programs.

https://listings.pcisecuritystandards.org/assessors_and_solutions/payment_applications

Would you look at that, taken down in 2022. Gets more fun all the time, don't it? Sounds like if VISA, MC, AmEX, vel al. say they are expired, they are expired. Though it does say they retired the standard (PA-DSS), it then mentions a PA-DSS program as if it is still a thing.

I have the distinct feeling this whole process is designed to liberate people from their money while giving them the run around. You'd think the QB Team would be able to provide a definitive answer, but with two-strikes in this thread already, it doesn't portent goodwill.