Objective / Issue / Question:
- Why did I Receive an Email from LawPay Regarding PCI Compliance?
- What is a PCI Compliance Renewal Questionnaire?
As per LawPay's PCI Compliance Overview article:
What is PCI compliance and why is it important?
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards set in place by the major card brands (Visa, Mastercard, American Express, Discover, and JCB). Its purpose is to ensure that all companies that accept, process, store, or transmit credit card information maintain a secure environment to prevent this information from being stolen or compromised. The standard was originally adopted in 2006 and requires businesses to complete an annual compliance questionnaire regarding the way credit card information is handled in their office.
Is LawPay PCI certified?
Yes, LawPay is PCI DSS certified. ControlScan, a VISA Qualified Security Assessor, has independently audited LawPay and certified that LawPay is PCI DSS compliant. LawPay’s online portal is certified as a Level 1 Service Provider, the highest security level available. Our attestation of compliance is attached.
Why can’t LawPay certify PCI compliance for me?
PCI certification is also about your company, not just your payment processor. All organizations must individually certify PCI compliance with the card brands. However, using LawPay moves the responsibility for the key tasks of processing, transmitting, and storing cardholder data from your company to ours. The steps you need to take to validate your company’s PCI compliance are greatly reduced as a result. This allows you to take advantage of LawPay’s PCI certification to meet most of the PCI requirements.
How do I get PCI compliant?
LawPay has partnered with ControlScan to provide a complimentary, easy-to-use PCI compliance program for our clients. The online questionnaire asks how you handle credit card information in your office and verifies that you are not storing credit card numbers electronically. The questionnaire typically takes 10-15 minutes to complete and is a great business exercise to walk through to ensure everyone in your office knows the best ways to protect sensitive information and your clients.
A step-by-step guide on completing the PCI compliance questionnaire can be found here.
If you have any questions regarding your compliance status or how to get compliant, please reach out to our support specialists at 866-376-0947.
Attached is our Attestation of Compliance for AffiniPay, LawPay's parent company.