Erik from PCICompliance.com 
What Is a Compensating Control? Bottom Line Up Front If you’re reading this because your payment processor just asked about compensating controls in your PCI compliance questionnaire, here’s the good news: most small businesses don’t need compensating controls at all. These are basically workarounds for when you can’t meet a specific PCI requirement exactly as … Read more
What Is PAN Truncation? A Complete Guide for Small Business Owners Bottom Line Up Front If you just received a PCI compliance questionnaire from your payment processor and you’re wondering what PAN truncation means, here’s the simple answer: it’s a way to display only part of a credit card number (like XXXX-XXXX-XXXX-1234) to keep the … Read more
What Is Network Segmentation? Bottom Line Up Front If you just received a PCI compliance questionnaire from your payment processor and saw something about “network segmentation,” don’t panic. Here’s the truth: network segmentation is simply keeping your credit card processing systems separate from everything else on your network — like having a locked cash register … Read more
Outdated POS Terminal PCI Compliance: What Your Business Needs to Know Your Old Card Terminal and PCI Compliance That credit card terminal sitting on your counter might be putting your business at risk — not just from security threats, but from compliance fines and lost ability to process payments. If you’ve received a confusing questionnaire … Read more
CDN Impact on PCI Compliance: What Your Small Business Needs to Know Relax. If you just opened an email from your payment processor about PCI compliance and your first thought was “What on earth is this?”, you’re not alone. Here’s the truth: for most small businesses, PCI compliance is much simpler than it sounds. You … Read more
What Evidence for SAQ? A Simple Guide to PCI Compliance for Small Businesses Your Payment Processor Just Sent You a Compliance Questionnaire — Now What? If you just received a PCI compliance questionnaire from your payment processor and your first thought was “What on earth is this?” — you’re not alone. Every day, thousands of … Read more
Completed Wrong SAQ The Bottom Line Up Front If you completed the wrong SAQ for your PCI compliance, don’t panic — you’re not the first business to choose the wrong questionnaire, and fixing it is usually straightforward. The most common mistake is selecting an SAQ that’s either too complex (like choosing SAQ D when you … Read more
SAQ D Too Complex? Here’s What Small Businesses Actually Need to Know About PCI Compliance Bottom Line Up Front You just received a PCI compliance questionnaire from your payment processor, and the internet is telling you that you need something called “SAQ D” — the longest, most complex self-assessment questionnaire with over 300 requirements. Take … Read more
Phone Orders: Which SAQ? Bottom Line Up Front If you just received a PCI compliance questionnaire from your payment processor and you’re taking phone orders PCI compliance seriously, here’s the good news: most businesses that accept card payments over the phone qualify for one of the simpler SAQ types. You don’t need a computer science … Read more
Changed Processor: New PCI? The Truth About Changing Payment Processors and PCI Compliance So you just changed payment processor PCI requirements landed in your inbox, and now you’re wondering if you need to start your compliance journey all over again. Here’s the good news: if you were already PCI compliant with your previous processor, you’re … Read more
