PCI Compliance (Legacy systems, PAX S300)

All merchant accounts via CardConnect have 60 days after account creation to get PCI compliant before being charged non-compliance fees. Here’s how to get PCI compliant:

1. Go to www.cardpointe.com and log in.
2. Go to My Account.
3. If you see an alert message about not being PCI Compliant, then click the “Not Compliant” link as shown in the picture above.
4. This will take you to the SecureTrust website where you can complete the PCI Self Assessment as well as the PCI Network Vulnerability Scan.
5. When beginning the PCI Self Assessment be sure to click on “Start Over” at the beginning, since it sometimes skips some important basic account setup questions when jumping to the Trustwave site from the CardPointe website.
6. If asked about what equipment or software you’re using to process credit card payments, enter “pcAmerica Cash Register Express” or some variation of that, and if you are using the EMV PIN pad then also enter “PAX S300”
7. If asked if you’re using a third party for anything, select No.

That’s all there is to it!  It takes maybe 20 minutes or less to do all this.

There are no trick questions, and if you get anything “wrong” it will tell you afterwards and you can easily go back and update your answers once you’ve addressed the issue.  No worries!  Trustwave’s entire goal is to help you get PCI compliant.

Beyond that you only need to do the Self Assessment once per year and if there haven’t been any changes in your setup from the prior year it’s greatly simplified compared to the first time.

If your PCI Network Vulnerability Scan report comes back with a Failing grade then don’t hesitate to use the Customer Support button on the Trustwave website for assistance with understanding the scan results and how to correct them.