PCI Compliance

Learn how to complete your PCI Compliance Survey

Written by Caroline Hilton
Updated over 9 months ago

What is PCI Compliance?

When you sign up for an EnrollsyPay account, you must complete a Self-Assessment Questionnaire (SAQ) to comply with PCI, as all merchants must. After your account is approved, you should receive an email from Security Metrics, the service provider that TillPayments (the credit card merchant account provider) uses to ensure and assist with PCI compliance.

You will see a "Nonreceipt of PCI Validation" fee on your monthly statement if you never complete the PCI Compliance Verification Questionnaire.

This assessment and the other resources we share here will allow you to become PCI compliant. PCI compliance saves money and helps protect you from risk as a merchant accepting electronic payments.

Steps to Complete Questionnaire

  1. Click the login button (TillPayments should have already created your account)

  2. Use the email address you used as the primary contact email on the credit card merchant account application

    Note: A field also asked whether you wanted a separate email address used for PCI compliance correspondence; if you provided one, it overrides the primary contact email

  3. If you forgot your password, you can reset it on Security Metrics' login page

  4. Having trouble knowing how to answer some questions? Click here to see a guide on how to complete the questionnaire.

Written Security Policy

The first question on the PCI Compliance Questionnaire pertains to a written security policy for P2PE. The Payment Card Industry (PCI) Security Standards Council created Point-to-Point Encryption (P2PE) as an encryption standard. It requires merchants' point-of-sale terminals to encrypt payment card data immediately after the card is used. The data stays encrypted in transit and is decrypted only once it has been securely transported to the payment processor for processing.

Since 2011, P2PE has been an official program of the PCI Security Standards Council. Using PCI-validated P2PE solutions is not mandatory, but complying with PCI Council standards reduces the P2PE Self-Assessment Questionnaire to 26 items.
