dnasplatt1
Level 3
‎April 12, 2025 12:20 PM

PCI Compliance

Hello, I have QBO and all of my customers click the "review and pay" button on my invoices that is powered by QuickBooks.  We don't do any mobile stuff, don't hand key.  Above is the ONLY way for CC payments!   Do I have to do something or are we good?  Thank you for your time!

Solved
Reply Join the conversation
FishingForAnswers
Level 10
‎April 12, 2025 12:31 PM

Account management

@dnasplatt1  There's a few ifs, ands, and buts about it, but this question can be summarized as:

 

Do any of your devices have access to your merchant account login or, in any other way, access to customer's sensitive financial information?

 

If yes, you need to be PCI compliant.

 

If no, you do not.

 

That being said, there is a more practical answer. I can't speak to whether QBO does it, but I have seen many merchant service providers slip in a PCI Non-Compliance fee without the business owners realizing it. Seems to average $60 to $70 per month.

 

If you see that anywhere in your charges, I'd say it'd be easiest to simply become PCI compliant. It's not a particularly difficult thing to do, and it doesn't have to be through QB's SecurityMetrics partner.

View solution in original post

Reply Join the conversation
LollyNino_C
QuickBooks Team
QuickBooks Team
‎April 12, 2025 01:42 PM

Account management

It depends on whether you have to be PCI compliant or not, @dnasplatt1. Allow me to provide some insights into how payment processing works.

 

I agree with FishingForAnswers. You must be PCI compliant if you have access to customers' sensitive financial information. Otherwise, there is no need to take any action.

 

Using QuickBooks Payments services does not automatically guarantee PCI compliance. As a merchant who accepts card payments, you need to maintain payment security across your entire local environment, including all applications and systems within your network.

 

For more information, check out these articles:

 

 

Moreover, you can check this article to learn more about invoice payment deposit speed: Find out when QuickBooks Payments deposits customer payments.

 

Please feel free to comment below if you need further assistance with PCI compliance in QuickBooks Payments. The Community is always here to support you. Stay safe!

View solution in original post

Reply Join the conversation
dnasplatt1
Level 3
‎April 16, 2025 02:05 PM

Account management

Thank you so much, yawl answered so fast!  I've just looked at my QBO, which I only have on one computer and I am the only one using it.  I don't even have the customers CC number!  It isn't in the transaction, just the last 4 digits and I was EVERYWHERE in my merchant account.  I'm pretty paranoid and don't even surf the web from that computer, just QB and a few locked sites.  I'm thinking I'm good, and I appreciate your input SO MUCH!!!

Reply Join the conversation
MichaelOD
Level 5
‎June 23, 2025 11:18 AM

Account management

This response is irrational. The only way a credit card number can be stored on

my devices is if QuickBooks ONLINE surreptitiously placed them there. How can I possibly be responsible for where QuickBooks stores information?

And if there is any possibility of a customer credit card number on my

devices, that can only be there if Intuit is LYING that this is an online product.

if we can't have a free opt out for online, I'm motivated to create a class action lawsuit.

please respond as to why Intuit's "online" product is placing any customer information on my devices, let alone credit card numbers, if this isn't an Intuit scam to force us to higher their security partner? After all, we know we'll find that in the contract between security conand

Intuit when we go to discovery phase of a lawsuit.

please respond and don't gaslight.

 

Reply Join the conversation