Skip to main content
About PCI Compliance

In order to accept credit card payments, businesses must comply with PCI compliance standards

Serena Edwards avatar
Written by Serena Edwards
Updated today

What is PCI Compliance?

When you sign up for an EnrollsyPay account, to comply with PCI, merchants must complete a Self-Assessment Questionnaire (SAQ). After your account is approved, you should receive an email from Security Metrics, who is the service provider Till Payments (the credit card merchant account provider) uses to ensure and assist with PCI compliance.

Several parts of SAQs apply to different kinds of businesses, and many small business owners and merchants aren't sure which ones apply to them. You are guided through the questionnaire by Security Metrics, ensuring all the appropriate sections are completed.

You will see a "Nonreceipt of PCI Validation" fee on your monthly statement if you never complete the PCI Compliance Verification Questionnaire.

This assessment and the other resources we share here will empower you to become PCI-compliant. PCI compliance saves money and helps protect you from risk as a merchant accepting electronic payments.

Steps to Complete Questionnaire

See the steps below to complete the questionnaire.

  1. Click here to sign up or log in to Security Metrics.

  2. Click the login button (Till Payments should have already created your account). Please let us know if you have trouble logging in.

  3. Use your email address as the primary contact email on the credit card merchant account application.

    1. Note: A field also asked if you want a separate email address used for PCI compliance correspondence, which would have overridden the primary contact email.

  4. You can reset your password on Security Metric's login page.

  5. Having trouble knowing how to answer some questions? Click here to see a guide on how to complete the questionnaire.

Log In Troubleshooting

Upon Approval of your Merchant Accounts, the person who filled out that application should have received emails providing access to your Merchant Gateways. If they did not receive this email or if you need to add someone else to your account, please send the following information to us-support@tillpayments.com for each person to whom you would like to grant access:

  • Full name

  • Email address

  • Time zone

  • MID (Merchant ID, which you can find on your statements or in your welcome email)

Till Payments will send out invitations to log in to the portal.

Written Security Policy

The first question on the PCI Compliance Questionnaire pertains to a written security policy for P2PE. The Payment Card Industry (PCI) Security Standards Council created Point-to-Point Encryption (P2PE) as an encryption standard. It requires merchants' point-of-sale terminals to encrypt payment card data immediately after use. Payment processors cannot decrypt it until they transport it securely and process it.

Since 2011, P2PE has been an official program of the PCI Standards Council. Using PCI-validated P2PE solutions is not mandatory, but complying with PCI Council standards reduces the P2PE Self-Assessment Questionnaire to 26 items.

Related Resources:

Did this answer your question?